URL: http://forbidden.yota.ru/
Submission Tags: yo ta l4ing ru sub yota ip
Submission: On May 09 via manual from CH — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 23 HTTP transactions. The main IP is 94.25.232.135, located in Murmansk, Russian Federation and belongs to MF-NWGSM-AS, RU. The main domain is forbidden.yota.ru.
This is the only time forbidden.yota.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
7 yandex.com | mc.yandex.com — Cisco Umbrella Rank: 8724 | 2 KB
5 mail.ru | top-fwz1.mail.ru — Cisco Umbrella Rank: 9748; ad.mail.ru — Cisco Umbrella Rank: 10001 | 18 KB
5 yota.ru | forbidden.yota.ru | 114 KB
3 yandex.ru | mc.yandex.ru — Cisco Umbrella Rank: 3374 | 58 KB
3 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 39 | 71 KB
1 google.de | www.google.de — Cisco Umbrella Rank: 5171 | 408 B
1 google.com | www.google.com — Cisco Umbrella Rank: 2 | 408 B
1 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 91 | 350 B
1 googleoptimize.com | www.googleoptimize.com — Cisco Umbrella Rank: 1019 | 51 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 62 | 98 KB
23 10
Domain Requested by
7 mc.yandex.com 3 redirects forbidden.yota.ru
5 forbidden.yota.ru forbidden.yota.ru
4 top-fwz1.mail.ru forbidden.yota.ru
3 mc.yandex.ru 2 redirects forbidden.yota.ru
3 www.google-analytics.com forbidden.yota.ru, www.google-analytics.com
1 ad.mail.ru forbidden.yota.ru
1 www.google.de forbidden.yota.ru
1 www.google.com forbidden.yota.ru
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleoptimize.com www.googletagmanager.com
1 www.googletagmanager.com forbidden.yota.ru
23 11

This site contains links to these domains.

Domain
yota.ru
Subject | Issuer | Validity | Valid
*.google-analytics.com | GTS CA 1C3 | 2023-04-17 - 2023-07-10 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-04-17 - 2023-07-10 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-03-17 - 2023-08-27 | 5 months
*.mail.ru | GlobalSign ECC OV SSL CA 2018 | 2022-10-18 - 2023-11-19 | a year
www.google.com | GTS CA 1C3 | 2023-04-17 - 2023-07-10 | 3 months
www.google.de | GTS CA 1C3 | 2023-04-17 - 2023-07-10 | 3 months

This page contains 1 frames:

Primary Page: http://forbidden.yota.ru/
Frame ID: B2132E9583573565715641A185395DD5
Requests: 23 HTTP requests in this frame

Page Title

Доступ ограничен

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

Requests: 23
HTTPS: 65 %
IPv6: 80 %
Domains: 10
Subdomains: 11
IPs: 10
Countries: 3
Transfer: 412 kB
Size: 1074 kB
Cookies: 17

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9992.QEgtrOyaVmSpKIiR5p6AsyihTK2PYBSa2xSCb-oDpWnXGOGjz1nccmZufzxH5tow.sbFXAAQwMouzavHOwRTCxuVunvQ%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9992.F9o1BC_ZRX0clIomhoRmp1j6PjlVJBwpiwGM_eLbaMrdJAivT8_Mi3hc6mnYP1G_MjV24sy0ftQW5Hk07AFh0CNj9UqI5rwzSObjduY9chA%2C.aABTbUHRAhuvK5iajAjv5Y4P4ds%2C
Request Chain 19
  • https://mc.yandex.com/watch/23410183?wmode=7&page-url=http%3A%2F%2Fforbidden.yota.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A476%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A262949576582%3Ahid%3A1055627836%3Az%3A0%3Ai%3A20230509101016%3Aet%3A1683627017%3Ac%3A1%3Arn%3A923129344%3Arqn%3A1%3Au%3A1683627017448087184%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A108%2C39%2C43%2C0%2C%2C0%2C%2C18%2C0%2C%2C%2C%2C209%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1683627015998%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683627017%3At%3A%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/23410183/1?wmode=7&page-url=http%3A%2F%2Fforbidden.yota.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A476%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A262949576582%3Ahid%3A1055627836%3Az%3A0%3Ai%3A20230509101016%3Aet%3A1683627017%3Ac%3A1%3Arn%3A923129344%3Arqn%3A1%3Au%3A1683627017448087184%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A108%2C39%2C43%2C0%2C%2C0%2C%2C18%2C0%2C%2C%2C%2C209%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1683627015998%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683627017%3At%3A%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 21
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9992.SXGmsNi54oHw5V4_TkfF2wS7Ix_JanXi8j1i5fp61okFClt27D0fpkoGxoc87c50.YZKgz9QDQ1y7xkr5-jUoiOrEg-Q%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.QBG-IHQ3PaqVgLkUiXCcU6tdE7MrYSm7_v4dKhA7Icn5Xr9y62oJMvPuyO5T_34xYeezaQXAiIti_vXRqvoUCp8_WAxZrX5vXaQaCissx6A%2C.aXj36ObonHel347pwaOevdSVt_A%2C

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
forbidden.yota.ru/
7 KB
7 KB
Document
General
Full URL
http://forbidden.yota.ru/
Protocol
HTTP/1.1
Server
94.25.232.135 Murmansk, Russian Federation, ASN31213 (MF-NWGSM-AS, RU),
Reverse DNS
client.yota.ru
Software
nginx /
Resource Hash
88e3f3cbf0f3a011c4ecfeda4d96e634a96b6d7c5b8c9e82f0e68bbb2092f4f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
7389
Content-Type
text/html
Date
Tue, 09 May 2023 10:10:16 GMT
ETag
"63be93b2-1cdd"
Last-Modified
Wed, 11 Jan 2023 10:47:14 GMT
Server
nginx
style.css
forbidden.yota.ru/css/
15 KB
5 KB
Stylesheet
General
Full URL
http://forbidden.yota.ru/css/style.css
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/
Protocol
HTTP/1.1
Server
94.25.232.135 Murmansk, Russian Federation, ASN31213 (MF-NWGSM-AS, RU),
Reverse DNS
client.yota.ru
Software
nginx /
Resource Hash
bb1f1b50fe058e351e2afca7a92e930256333601279deb47c5eabf2c98f56778

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 10:10:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 May 2018 22:17:34 GMT
Server
nginx
ETag
W/"5af4c4fe-3c02"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 May 2023 09:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3916
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 09 May 2023 11:05:00 GMT
gtm.js
www.googletagmanager.com/
401 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P25GJ2
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
687e6357dba49b138565860d0ba21186c5180589b600f9612322fb5118ed6448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:10:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100312
x-xss-protection
0
last-modified
Tue, 09 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 May 2023 10:10:16 GMT
thesansyota-w5plain.woff
forbidden.yota.ru/fonts/
27 KB
27 KB
Font
General
Full URL
http://forbidden.yota.ru/fonts/thesansyota-w5plain.woff
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/css/style.css
Protocol
HTTP/1.1
Server
94.25.232.135 Murmansk, Russian Federation, ASN31213 (MF-NWGSM-AS, RU),
Reverse DNS
client.yota.ru
Software
nginx /
Resource Hash
68d26ab7d8830bf1f042dff49b26aebe7e7821acdb009d3da2a24413e19faa48

Request headers

Referer
http://forbidden.yota.ru/css/style.css
Origin
http://forbidden.yota.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 10:10:16 GMT
Last-Modified
Thu, 26 Apr 2018 19:48:02 GMT
Server
nginx
ETag
"5ae22cf2-6a50"
Content-Type
font/woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27216
iconfont.woff
forbidden.yota.ru/iconfont/
1 KB
2 KB
Font
General
Full URL
http://forbidden.yota.ru/iconfont/iconfont.woff
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/css/style.css
Protocol
HTTP/1.1
Server
94.25.232.135 Murmansk, Russian Federation, ASN31213 (MF-NWGSM-AS, RU),
Reverse DNS
client.yota.ru
Software
nginx /
Resource Hash
08df8213a452d1ee3c4cede87d967bcb6a860eef6c05b54961cbbb7735495727

Request headers

Referer
http://forbidden.yota.ru/css/style.css
Origin
http://forbidden.yota.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 10:10:16 GMT
Last-Modified
Thu, 10 May 2018 22:17:34 GMT
Server
nginx
ETag
"5af4c4fe-5cc"
Content-Type
font/woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1484
theserifyota-w6semibold.woff
forbidden.yota.ru/fonts/
73 KB
74 KB
Font
General
Full URL
http://forbidden.yota.ru/fonts/theserifyota-w6semibold.woff
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/css/style.css
Protocol
HTTP/1.1
Server
94.25.232.135 Murmansk, Russian Federation, ASN31213 (MF-NWGSM-AS, RU),
Reverse DNS
client.yota.ru
Software
nginx /
Resource Hash
4ec1ab327917e2da9b8c7e176635c864abef17918800d9286ad73cda00564385

Request headers

Referer
http://forbidden.yota.ru/css/style.css
Origin
http://forbidden.yota.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 10:10:16 GMT
Last-Modified
Wed, 28 Feb 2018 12:35:00 GMT
Server
nginx
ETag
"5a96a1f4-12548"
Content-Type
font/woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75080
js
www.google-analytics.com/gtm/
151 KB
51 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NLK5SVC&cid=1981117803.1683627016
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f1d143f2d9cfd3959979f70f462ae4612580a7684bb6780839781b21c8d90c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:10:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51723
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 May 2023 10:10:16 GMT
optimize.js
www.googleoptimize.com/
150 KB
51 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-NLK5SVC
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P25GJ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38eb5aa38327fc4847b43c9f3b1aa967c2319150f9a12e59d24a98a35f5e50b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:10:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51443
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 May 2023 10:10:16 GMT
collect
stats.g.doubleclick.net/j/
4 B
350 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-16019436-1&cid=1981117803.1683627016&jid=958389719&gjid=152964615&_gid=1354266011.1683627016&_u=aGDAgEADQAAAAEAEK~&z=1173493739
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://forbidden.yota.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 09 May 2023 10:10:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://forbidden.yota.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
watch.js
mc.yandex.ru/metrika/
164 KB
58 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
f0a064c22678f5fa467eee7007b6a94da9413abe446a4bcbfbcf2387c90a0a65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:10:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 05 May 2023 15:14:23 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6454f31f-e583"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
58755
expires
Tue, 09 May 2023 11:10:16 GMT
code.js
top-fwz1.mail.ru/js/
33 KB
15 KB
Script
General
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
5b9b5b9e92ca410c2b2c97c9bf53d51ebf533520c4737698ae96ea3897685313
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:10:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Tue, 21 Mar 2023 13:41:37 GMT
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag
W/"6419b411-85fb"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Tue, 09 May 2023 11:10:16 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=666897411&t=pageview&_s=1&dl=http%3A%2F%2Fforbidden.yota.ru%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQAAAAAAEK~&jid=958389719&gjid=152964615&cid=1981117803.1683627016&tid=UA-16019436-1&_gid=1354266011.1683627016&gtm=45He3530n71P25GJ2&cd21=1981117803.1683627016_1683627016556&cd22=1981117803.1683627016_1683627016557&cd23=1981117803.1683627016&cd25=http%3A%2F%2Fforbidden.yota.ru%2F&cd41=GTM-P25GJ2%2C%20v704&cd46=&cd19=1981117803.1683627016&z=183867992
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 05:06:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18227
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-16019436-1&cid=1981117803.1683627016&jid=958389719&_u=aGDAgEADQAAAAEAEK~&z=1999959159
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 10:10:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-16019436-1&cid=1981117803.1683627016&jid=958389719&_u=aGDAgEADQAAAAEAEK~&z=1999959159
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 10:10:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
counter
top-fwz1.mail.ru/
43 B
959 B
Image
General
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3126158;u=http%3A//forbidden.yota.ru/;st=1683627016207;title=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=46d52b1b705bb540;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.4//4g/0/0/;lvid=1683627016777%3A1683627016789%3A1%3Ac53404f1115546dafb6a73690dcf207b;opts=dl%2Cjst-gtag-ga;visible=true;_=0.9763197721444392
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:10:16 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
/
ad.mail.ru/retarget/
43 B
384 B
Image
General
Full URL
https://ad.mail.ru/retarget/?counter=3126158&list=VALUE&productid=VALUE&pagetype=VALUE&totalvalue=VALUE&_=0.7220778226787903
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 10:10:16 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
tracker
top-fwz1.mail.ru/
43 B
960 B
Image
General
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3126158;u=http%3A//forbidden.yota.ru/;st=1683627016207;title=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=46d52b1b705bb540;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.4//4g/0/0/;lvid=1683627016777%3A1683627016790%3A2%3Ac53404f1115546dafb6a73690dcf207b;opts=dl%2Cjst-gtag-ga;visible=true;_=0.44036390705435435;e=IV%3AVALUE/VALUE%3BVALUE%3BVALUE
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:10:16 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9992.QEgtrOyaVmSpKIiR5p6AsyihTK2PYBSa2xSCb-oDpWnXGOGjz1nccmZufzxH5tow.sbFXAAQwMouzavHOwRTCxuVunvQ%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9992.F9o1BC_ZRX0clIomhoRmp1j6PjlVJBwpiwGM_eLbaMrdJAivT8_Mi3hc6mnYP1G_MjV24sy0ftQW5Hk07AFh0CNj9UqI5rwzSObjduY9chA%2C.aABTbUHRAhuvK5iajAjv5Y4P4ds%2C
43 B
67 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9992.F9o1BC_ZRX0clIomhoRmp1j6PjlVJBwpiwGM_eLbaMrdJAivT8_Mi3hc6mnYP1G_MjV24sy0ftQW5Hk07AFh0CNj9UqI5rwzSObjduY9chA%2C.aABTbUHRAhuvK5iajAjv5Y4P4ds%2C
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:10:16 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9992.F9o1BC_ZRX0clIomhoRmp1j6PjlVJBwpiwGM_eLbaMrdJAivT8_Mi3hc6mnYP1G_MjV24sy0ftQW5Hk07AFh0CNj9UqI5rwzSObjduY9chA%2C.aABTbUHRAhuvK5iajAjv5Y4P4ds%2C
date
Tue, 09 May 2023 10:10:16 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
113 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: forbidden.yota.ru
URL: http://forbidden.yota.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:10:16 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 05 May 2023 15:14:23 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6454f31f-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 09 May 2023 11:10:16 GMT
1
mc.yandex.com/watch/23410183/
Redirect Chain
  • https://mc.yandex.com/watch/23410183?wmode=7&page-url=http%3A%2F%2Fforbidden.yota.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A476%3Afu%3A0%3Aen%3Autf-8...
  • https://mc.yandex.com/watch/23410183/1?wmode=7&page-url=http%3A%2F%2Fforbidden.yota.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A476%3Afu%3A0%3Aen%3Autf...
428 B
511 B
XHR
General
Full URL
https://mc.yandex.com/watch/23410183/1?wmode=7&page-url=http%3A%2F%2Fforbidden.yota.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A476%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A262949576582%3Ahid%3A1055627836%3Az%3A0%3Ai%3A20230509101016%3Aet%3A1683627017%3Ac%3A1%3Arn%3A923129344%3Arqn%3A1%3Au%3A1683627017448087184%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A108%2C39%2C43%2C0%2C%2C0%2C%2C18%2C0%2C%2C%2C%2C209%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1683627015998%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683627017%3At%3A%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
11ade8de601940b06b78c029d92b02f1ce2127120dc71412122674c514a45ad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 10:10:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 09-May-2023 10:10:17 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
http://forbidden.yota.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
428
x-xss-protection
1; mode=block
expires
Tue, 09-May-2023 10:10:17 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 10:10:17 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 09-May-2023 10:10:17 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/23410183/1?wmode=7&page-url=http%3A%2F%2Fforbidden.yota.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A476%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A262949576582%3Ahid%3A1055627836%3Az%3A0%3Ai%3A20230509101016%3Aet%3A1683627017%3Ac%3A1%3Arn%3A923129344%3Arqn%3A1%3Au%3A1683627017448087184%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A108%2C39%2C43%2C0%2C%2C0%2C%2C18%2C0%2C%2C%2C%2C209%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1683627015998%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683627017%3At%3A%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
http://forbidden.yota.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 09-May-2023 10:10:17 GMT
tracker
top-fwz1.mail.ru/
43 B
874 B
Image
General
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3126158;u=http%3A//forbidden.yota.ru/;st=1683627016207;title=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=46d52b1b705bb540;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1683627015998/////0/1/109/109/148//148/190/191/192/209/209/209/1022/1022/;ni=9.4//4g/0/0/;lvid=1683627016777%3A1683627017021%3A3%3Ac53404f1115546dafb6a73690dcf207b;opts=dl%2Cjst-gtag-ga;visible=true;_=0.5348282075583208;e=RT/load;et=1683627017020
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:10:17 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9992.SXGmsNi54oHw5V4_TkfF2wS7Ix_JanXi8j1i5fp61okFClt27D0fpkoGxoc87c50.YZKgz9QDQ1y7xkr5-jUoiOrEg-Q%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.QBG-IHQ3PaqVgLkUiXCcU6tdE7MrYSm7_v4dKhA7Icn5Xr9y62oJMvPuyO5T_34xYeezaQXAiIti_vXRqvoUCp8_WAxZrX5vXaQaCissx6A%2C.aXj36ObonHel347pwa...
43 B
67 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.QBG-IHQ3PaqVgLkUiXCcU6tdE7MrYSm7_v4dKhA7Icn5Xr9y62oJMvPuyO5T_34xYeezaQXAiIti_vXRqvoUCp8_WAxZrX5vXaQaCissx6A%2C.aXj36ObonHel347pwaOevdSVt_A%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://forbidden.yota.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:10:17 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.QBG-IHQ3PaqVgLkUiXCcU6tdE7MrYSm7_v4dKhA7Icn5Xr9y62oJMvPuyO5T_34xYeezaQXAiIti_vXRqvoUCp8_WAxZrX5vXaQaCissx6A%2C.aXj36ObonHel347pwaOevdSVt_A%2C
date
Tue, 09 May 2023 10:10:17 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| dataLayer
string| GoogleAnalyticsObject
function| ga
function| go
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| google_tag_manager
object| google_optimize
function| postscribe
object| google_tag_manager_external
object| _tmr
undefined| errorr
object| Ya
object| yaCounter23410183

17 Cookies

Domain/Path Name / Value
.yota.ru/ Name: _ga
Value: GA1.2.1981117803.1683627016
.yota.ru/ Name: _gid
Value: GA1.2.1354266011.1683627016
.yota.ru/ Name: _dc_gtm_UA-16019436-1
Value: 1
.yota.ru/ Name: tmr_lvid
Value: c53404f1115546dafb6a73690dcf207b
.yota.ru/ Name: tmr_lvidTS
Value: 1683627016777
.yota.ru/ Name: _ym_uid
Value: 1683627017448087184
.yota.ru/ Name: _ym_d
Value: 1683627017
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3083618424fake
.yota.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1672090872fake
.mail.ru/ Name: VID
Value: 3_LfEE0K3Q2H00000q1eP4YH:::0-0-0-97474c8:CAASEHYuP99kYdgBWz1ozk1VdgQaYA2eqjKaCmrIfdDFvP1avVpziZNBjyMQ9Ht1vV-hMGcbEXpMuyPDc7ownEHtxuuLcwO4Hinnsai7GGloYCnJMCZUAKiY8l5zxCRuES5iR_rMXIHe-Ilizj27glSQaMEk_w
mc.yandex.com/ Name: yabs-sid
Value: 1408650981683627017
.yandex.com/ Name: i
Value: ckshuhg6TbcvrJuyOuuurWocQafuyK3Lj+MLGN+3QIy0VsElzk5T02jUGqwxgASmrPoV2KQayOE1tpF3aoaet4ke370=
.yandex.com/ Name: yandexuid
Value: 8058193791683627017
.yandex.com/ Name: yuidss
Value: 8058193791683627017
.yandex.com/ Name: ymex
Value: 1715163017.yc.1683627017#1715163017.yrts.1683627017#1715163017.yrtsi.1683627017
forbidden.yota.ru/ Name: tmr_detect
Value: 0%7C1683627019056

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
