nefakt.info Open in urlscan Pro
5.188.57.51 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nefakt.info/290173/
Submission: On June 06 via manual (June 6th 2022, 5:41:09 am UTC) from IN — Scanned from DE

Summary HTTP 114 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 9 countries across 37 domains to perform 114 HTTP transactions. The main IP is 5.188.57.51, located in Russian Federation and belongs to SELECTEL, RU. The main domain is nefakt.info.
TLS certificate: Issued by R3 on May 1st 2022. Valid for: 3 months.

This is the only time nefakt.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	5.188.57.51 5.188.57.51	49505 (SELECTEL) (SELECTEL)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
12 20	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
5	62.76.25.28 62.76.25.28	61400 (NETRACK-AS) (NETRACK-AS)
4 16	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
6	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
27	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
4	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
4	2a02:6b8::36 2a02:6b8::36	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
3 3	46.4.121.26 46.4.121.26	24940 (HETZNER-AS) (HETZNER-AS)
1 1	116.202.128.114 116.202.128.114	24940 (HETZNER-AS) (HETZNER-AS)
2 3	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1 2	52.215.108.43 52.215.108.43	16509 (AMAZON-02) (AMAZON-02)
6 6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2	37.18.16.16 37.18.16.16	205675 (HYBRID-AS) (HYBRID-AS)
2 2	185.15.175.144 185.15.175.144	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	144.76.118.200 144.76.118.200	24940 (HETZNER-AS) (HETZNER-AS)
1 1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1 1	91.192.148.30 91.192.148.30	42481 (BEGUN-AS) (BEGUN-AS)
2 2	193.232.150.45 193.232.150.45	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1 1	31.220.27.135 31.220.27.135	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	217.66.147.164 217.66.147.164	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 2	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
2	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
2 2	95.216.101.186 95.216.101.186	24940 (HETZNER-AS) (HETZNER-AS)
1	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	116.202.85.93 116.202.85.93	24940 (HETZNER-AS) (HETZNER-AS)
2 2	176.9.8.252 176.9.8.252	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.198.16.238 88.198.16.238	24940 (HETZNER-AS) (HETZNER-AS)
2 2	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
1 1	188.72.107.194 188.72.107.194	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	45.9.24.193 45.9.24.193	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
2 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
114	24

12 5.188.57.51 (Russian Federation)

ASN49505 (SELECTEL, RU)

nefakt.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:6b8:a::a (Moscow, Russian Federation) 12 redirects

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 62.76.25.28 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)

jlzbnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.4.121.26 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271109.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.128.114 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1315780.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.108.43 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-108-43.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Gauteng, South Africa)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.16 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.144 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.118.200 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.200.118.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation) 1 redirects

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.148.30 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.45 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp1.senders.chicle.media

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.135 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.164 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-164-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.109.66 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.101.186 (Helsinki, Finland) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.85.93 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.93.85.202.116.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.9.8.252 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-21.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.16.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-24.community.moscow

df089091-d683-4852-963b-dcc68ddcd0f8.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.107.194 (Paris, France) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.9.24.193 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	yandex.ru 13 redirects yandex.ru — Cisco Umbrella Rank: 1393 mc.yandex.ru — Cisco Umbrella Rank: 3528 an.yandex.ru — Cisco Umbrella Rank: 2378 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 26650	276 KB
13	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9388	5 KB
12	doubleclick.net 8 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 191 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	7 KB
12	nefakt.info nefakt.info	278 KB
8	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 8113 favicon.yandex.net — Cisco Umbrella Rank: 10017	88 KB
7	gstatic.com fonts.gstatic.com	124 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6117	1000 B
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
6	yastatic.net yastatic.net — Cisco Umbrella Rank: 6571	179 KB
5	jlzbnl.com jlzbnl.com	73 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 114	16 KB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 31460 df089091-d683-4852-963b-dcc68ddcd0f8.sync.upravel.com	2 KB
3	mts.ru 3 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 29952 tech.rtb.mts.ru — Cisco Umbrella Rank: 29731	2 KB
3	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1817	2 KB
3	acint.net 3 redirects acint.net — Cisco Umbrella Rank: 29185	1 KB
2	rutarget.ru 2 redirects yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 62712 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 62880	837 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 15058	1 KB
2	1dmp.io 2 redirects sync.1dmp.io — Cisco Umbrella Rank: 12087	1023 B
2	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 12161	402 B
2	semantiqo.com 1 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 58021	976 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10231	506 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 11830	811 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 24401	1 KB
2	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 31214	475 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 194	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	2 KB
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 15831	70 B
1	bumlam.com sync.bumlam.com — Cisco Umbrella Rank: 3101	390 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9241	332 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 3561	206 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 39816	244 B
1	new-programmatic.com 1 redirects match.new-programmatic.com — Cisco Umbrella Rank: 32933	278 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 20604	178 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 63042	388 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 2470	410 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 38525	631 B
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
114	37

	Domain	Requested by
27	an.yandex.ru	yandex.ru nefakt.info
20	yandex.ru	12 redirects nefakt.info yandex.ru yastatic.net
13	mc.yandex.com	3 redirects nefakt.info mc.yandex.ru
12	nefakt.info	nefakt.info
7	fonts.gstatic.com	fonts.googleapis.com
6	www.google.de
6	www.google.com	2 redirects
6	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
6	cm.g.doubleclick.net	6 redirects
6	yastatic.net	yandex.ru yastatic.net nefakt.info
5	jlzbnl.com	nefakt.info jlzbnl.com
4	favicon.yandex.net	nefakt.info
4	avatars.mds.yandex.net	nefakt.info
3	www.googleadservices.com	2 redirects yastatic.net
3	ads.betweendigital.com	2 redirects nefakt.info
3	acint.net	3 redirects
3	mc.yandex.ru	1 redirects nefakt.info yastatic.net
2	x01.aidata.io	2 redirects
2	sync.upravel.com	2 redirects
2	sync.1dmp.io	2 redirects
2	ssp.adriver.ru	nefakt.info
2	sonar.semantiqo.com	1 redirects
2	sm.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	px.adhigh.net	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	dm.hybrid.ai	nefakt.info
2	dpm.demdex.net	1 redirects
2	fonts.googleapis.com	nefakt.info
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	df089091-d683-4852-963b-dcc68ddcd0f8.sync.upravel.com	1 redirects
1	sync.dmp.otm-r.com	nefakt.info
1	sync.bumlam.com	nefakt.info
1	counter.yadro.ru	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	s.uuidksinc.net	1 redirects
1	profile.ssp.rambler.ru	1 redirects
1	match.new-programmatic.com	1 redirects
1	exchange.buzzoola.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	t.adx.opera.com	nefakt.info
1	ssp-rtb.sape.ru	1 redirects
1	ysa-static.passport.yandex.ru	nefakt.info
0	mitdmp.whiteboxdigital.ru Failed	nefakt.info
114	45

This site contains links to these domains. Also see Links.

Domain
www.kirpich-m.ru
jlzbnl.com

Subject Issuer	Validity	Valid
nefakt.info R3	`2022-05-01` - `2022-07-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2022-09-01`	6 months	crt.sh
jlzbnl.com R3	`2022-04-08` - `2022-07-07`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-05` - `2022-11-03`	6 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-04-11` - `2022-09-10`	5 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.bumlam.com R3	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://nefakt.info/290173/
Frame ID: 23FBE7A3D8FB3D0BEBEE8D42DBAB1EA9
Requests: 63 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 7F6A5C16846C47031A6F49A212DDE78D
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Особенности возведения строительных объектов - НеФакт.инфо

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

114
Requests

75 %
HTTPS

30 %
IPv6

37
Domains

45
Subdomains

24
IPs

9
Countries

1043 kB
Transfer

2669 kB
Size

53
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.kirpich-m.ru/%D0%BA%D0%B8%D1%80%D0%BF%D0%B8%D1%87/%D0%BF%D0%BE%D1%80%D0%B8%D0%B7%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9_%D1%82%D0%B5%D0%BF%D0%BB%D0%B0%D1%8F_%D0%BA%D0%B5%D1%80%D0%B0%D0%BC%D0%B8%D0%BA%D0%B0
Title: блоки поризованные

Search URL Search Domain Scan URL

URL: https://jlzbnl.com/v4/click?media=446565&c=mAZRvnvMsZ1iWhFJi7VQh9aTXkjsM5f-JlwmgCWEbSGPcou_tIgp_ccEGrdxmvyuWJX8LZiRJf1vcj2a9UiMrNiaQbvrBpWiUE5ZX-RVAQ3PQDSNOiTjAzlaRbqVAyrLdQbSbaIEdie82R_EBkq_a0k7fjl8LssLhNuJzvYUCBhkYEvFpdDiuCan1A2PwF9GflYayANUiwMJuo1BJ9J77Cc66hjYBYHgZmbGAcsUdnmGXHME4nShELSUN0emPVSJmzb-tQAAUUtEzEfg9Zj6wU6Ux0TQ_9ddNXkod8m1or1V74sGsA9r3rXpzZhp_pNur6s6yCCswEVkoDHqv-ixuKEg-tV7oO7nphpwEeFU2dwbs18BJn_zU2srOokVppi_lZDwNRllxioWffl1gOWgap4G-S5mvf72hc0ZGHrNC5MjVA4wCnoiU99Um2UhBz2k9Fh8xIRLAy6iv2kuV2mwZRja72Mge_wJ0ODlemhulDcplsoOju_JPM7COI-xqj3UvOlRj2iCWeiCD0ZzKcwvHjmQeHqgbIxyEi6_aA
Title: Что Путин пожелал Макрону: мир вздрогнул от слов

Search URL Search Domain Scan URL

URL: https://jlzbnl.com/v4/click?media=433203&c=mAZRvv0a0hWG74XyGzyY0QVRlTrU6LVTcvZJ0ioQ3MJuxyVF-cnBnNiAh5HtCo4yUfw0m6foykTq0vcvuQRkVMXfrH7CvpYzEE9Z6IjCd-MhPQ8z1qpJ9ySiESKhZFZDHH5FObL-y3hPR7rh6KBOOAZXRlS2mfqseaR9HV9MEsFAtR7nm0V8LzJvOyxKyeIhOQRwgZrTd4mhOR5xSh2Fs61AxkdYsls9Ud7rIKdYxWdyEHias1Ule9C1RHtWGcZjcDBnZyEYJ398-dJtoJw5Kjm3cDazRkw7ZSHVO7cv83__Ubr_m8VxCePUZlqayXolRImXzmA6II2iNQfJt1kmEFLJkMZlMPv90HxVw_-3mD78dSAIJNmlgLsGICK6QRP5EPKMgUbm_ilxVDer5G1RNdy_VyWVohvT7hEzkAsL-OjQHNiDb6Ht9CVgY-GWfr-fhri6rociYD2jqMzUSfCBmmK4XUx-MdyUcbLslW6FAorwddA9tRGG60uI1WvD-S33aGFBcHoEE2mY6FPjclm7U4MJPrMUiYI5IZKIpcA
Title: Печальная новость пришла о Ксении Собчак

Search URL Search Domain Scan URL

URL: https://jlzbnl.com/v4/click?media=405164&c=mAZRvnsFnTuexO1FYARXDvWbex7ZPmFgNhtjCWWlQPgf4zTEhmC4dDUXJLL-zbkN8XGFAbfOJf7xsA0DahGibXHt0JKFn3rAmXs0ZeJ2phi0l7fxnqjDvRfqC41qZkDuZY50PO4cpYYklerQTvSL8_jwlaKvD3k86z3geNzt6qfKJA0DElUcn9OU_--d3ioZ1ZCjlK7MAaNyF69nMFZIH7JnUm1uRfWnRIR9gscwOF9Cf0amuKX8Fy--cePhjdWqafg2hzRtioTLrvYoamBiQJ71gcMz-TzqiRUxBsVb-xUnqYcNrXyFqh_n05cVjHL-NandlA0FeE6mLA-oLYVhO-TofsBuRnnbUBYstXyY81r8j5h2_lOXav8fd0gTC4s_M2S8IATznEmjIN23EKeKWR83BvfmlPXaI_zCRiJX1B4i8qcUge-CRahiGxvOYdXb7fNzQ6sBPs9W5uLML6irR-Ye3Rq66IgqBqtwavIom42FKMCFDWSHMmXSCIkwSpLCAjImRpV_4A
Title: Вот кем был Ельцин по национальности: скрывали не зря

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9661.uW2Y6wCHUrHPxI9FXRNC0LOPzSghYp33FxsrAk4cCuTDsqWtGZOzt4R9u49xu1mA.neMoYXer3xdqU65KQim3_UK9am8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9661.DXIlwBRu-lyebYeGelQFS1qO0o1DXcUNPrPSgjcPIsZaacWEnrFoMAU5nfMNkCsPJS87nro--Vh9nTfrEpSwWA%2C%2C.5iyeQbzcn_D7caFYIS55a0bsSTQ%2C

Request Chain 40

https://mc.yandex.com/watch/45733872?wmode=7&page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A569%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A1114697495065%3Ahid%3A159614450%3Az%3A0%3Ai%3A20220606054104%3Aet%3A1654494064%3Ac%3A1%3Arn%3A367897071%3Arqn%3A1%3Au%3A1654494064580324734%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654494063304%3Ads%3A11%2C172%2C88%2C79%2C0%2C0%2C%2C258%2C0%2C%2C%2C%2C609%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654494065%3At%3A%D0%9E%D1%81%D0%BE%D0%B1%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%D0%BE%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D0%B5%D0%BA%D1%82%D0%BE%D0%B2%20-%20%D0%9D%D0%B5%D0%A4%D0%B0%D0%BA%D1%82.%D0%B8%D0%BD%D1%84%D0%BE&t=gdpr(14)aw(1)rqnt(1)ti(2) HTTP 302
https://mc.yandex.com/watch/45733872/1?wmode=7&page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A569%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A1114697495065%3Ahid%3A159614450%3Az%3A0%3Ai%3A20220606054104%3Aet%3A1654494064%3Ac%3A1%3Arn%3A367897071%3Arqn%3A1%3Au%3A1654494064580324734%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654494063304%3Ads%3A11%2C172%2C88%2C79%2C0%2C0%2C%2C258%2C0%2C%2C%2C%2C609%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654494065%3At%3A%D0%9E%D1%81%D0%BE%D0%B1%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%D0%BE%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D0%B5%D0%BA%D1%82%D0%BE%D0%B2%20-%20%D0%9D%D0%B5%D0%A4%D0%B0%D0%BA%D1%82.%D0%B8%D0%BD%D1%84%D0%BE&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Request Chain 43

https://mc.yandex.com/watch/250298?wmode=7&page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A1%3Als%3A1390744647630%3Ahid%3A159614450%3Az%3A0%3Ai%3A20220606054104%3Aet%3A1654494065%3Ac%3A1%3Arn%3A319194934%3Au%3A1654494064580324734%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654494063304%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654494065%3At%3A%D0%9E%D1%81%D0%BE%D0%B1%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%D0%BE%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D0%B5%D0%BA%D1%82%D0%BE%D0%B2%20-%20%D0%9D%D0%B5%D0%A4%D0%B0%D0%BA%D1%82.%D0%B8%D0%BD%D1%84%D0%BE&t=gdpr(14)mc(p-1)lt(10800)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/250298/1?wmode=7&page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A1%3Als%3A1390744647630%3Ahid%3A159614450%3Az%3A0%3Ai%3A20220606054104%3Aet%3A1654494065%3Ac%3A1%3Arn%3A319194934%3Au%3A1654494064580324734%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654494063304%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654494065%3At%3A%D0%9E%D1%81%D0%BE%D0%B1%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%D0%BE%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D0%B5%D0%BA%D1%82%D0%BE%D0%B2%20-%20%D0%9D%D0%B5%D0%A4%D0%B0%D0%BA%D1%82.%D0%B8%D0%BD%D1%84%D0%BE&t=gdpr%2814%29mc%28p-1%29lt%2810800%29aw%281%29ti%282%29

Request Chain 54

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=0100007F71939D622500F05F0235818B&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/SAPEis/0100007F71939D622000681D02AD2F46

Request Chain 55

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/f250a8f0-f1de-529d-b257-437cd0cad00d

Request Chain 56

https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
https://yandex.ru/an/mapuid/adobedmp/?redir-setuniq=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=88FAE53EA716D899 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=88FAE53EA716D899

Request Chain 57

https://yandex.ru/an/mapuid/betweenx/ HTTP 302
https://yandex.ru/an/mapuid/betweenx/?redir-setuniq=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=377670A1DFDF1E5

Request Chain 58

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=4D4EC0E24BE5CB69&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=4D4EC0E24BE5CB69&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 59

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=4D4EC0E24BE5CB69&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=4D4EC0E24BE5CB69&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 60

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=4D4EC0E24BE5CB69&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=4D4EC0E24BE5CB69&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 61

https://yandex.ru/an/mapuid/operacom/ HTTP 302
https://yandex.ru/an/mapuid/operacom/?redir-setuniq=1 HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=55232F28F30FA837

Request Chain 62

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/34f0bae79ea356169d15898c391beab8e7b4d7e63bd49d44d8d3f931718a3c4b

Request Chain 65

https://dmg.digitaltarget.ru/1/119/i/i?i=1654494064 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1654494064 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/P2BNbahLnr.bUEb7jnzV

Request Chain 66

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
https://an.yandex.ru/mapuid/buzzooladspis/fd3f16ed-d3cb-47f0-79fe-436161085010

Request Chain 67

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/mapuid/targetrtbis/?sign=3971380842

Request Chain 69

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 70

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
https://an.yandex.ru/mapuid/getintentis/eTZb8DeV23j.AikABlGBN4f0Yg

Request Chain 71

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2369447767 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/LPqKrjY2qTpXvmzrOJHmqu

Request Chain 72

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/oLHanCLZzYuRwbqQeZWE

Request Chain 73

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=ce732517-204f-4a0b-9a97-251ba6948384&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fce732517-204f-4a0b-9a97-251ba6948384 HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/ce732517-204f-4a0b-9a97-251ba6948384

Request Chain 74

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=21aa2b678226486d8d2c851ab82c7648 HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=21aa2b678226486d8d2c851ab82c7648

Request Chain 77

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/42399f60-e55b-11ec-ad67-f832e4719dd9?sign=709427015

Request Chain 80

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://df089091-d683-4852-963b-dcc68ddcd0f8.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/df089091-d683-4852-963b-dcc68ddcd0f8

Request Chain 81

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/eDL4sqFG1GMiAjqSQVe5nw?sign=2832928389

Request Chain 82

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/2Muri_A4SnI1?sign=3981229675

Request Chain 83

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/gFlfQTkJaJSO

Request Chain 99

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=c5OdYpWBDJK-mLAPvYWwmAM&random=1624416883&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1624416883&crd=&is_vtc=1&random=1374547091 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1624416883&crd=&is_vtc=1&random=1374547091&ipr=y

Request Chain 100

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=c5OdYoWBDOTImwfkjIyQDA&random=919949279&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=919949279&crd=&is_vtc=1&random=2701389980 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=919949279&crd=&is_vtc=1&random=2701389980&ipr=y

114 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nefakt.info/290173/ 72 KB
18 KB 272ms
88ms Document
text/html 5.188.57.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.188.57.51 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 14b2d3f91d00f7e40e1beb94b4e176917907986fd7e66e2a4909f5f3c3db6fc4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 238936
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 18386
content-type: text/html; charset=UTF-8
date: Fri, 03 Jun 2022 11:18:47 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Fri, 03 Jun 2022 11:18:47 GMT
pragma: no-cache
vary: Accept-Encoding
wsr-cache: HIT 1 (362)

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 140ms
46ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%7CBad+Script&subset=cyrillic&display=swap

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd67d73fc9cb57580ae9ba6289e208ae518a660f1c72a13f13150b20bad4690e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 05:41:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Jun 2022 05:41:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Jun 2022 05:41:03 GMT

GET
H2 200 style.min.css
nefakt.info/wp-content/themes/reboot/assets/css/ 220 KB
40 KB 125ms
123ms Stylesheet
text/css 5.188.57.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://nefakt.info/wp-content/themes/reboot/assets/css/style.min.css
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.188.57.51 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 4083cccccc99ac4bfba67250c3ae25010c336dce07cd29a4144f70c712bfb04b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/290173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:10:53 GMT
content-encoding: gzip
last-modified: Sun, 16 Jan 2022 12:37:41 GMT
age: 1810
etag: W/"61e41195-36f0d"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800, stale-while-revalidate=120960, stale-if-error=1209600
accept-ranges: bytes
wsr-cache: HIT 3 (363)
content-length: 40864
expires: Mon, 13 Jun 2022 05:10:53 GMT

GET
H2 200 jquery.min.js Show response
nefakt.info/wp-includes/js/jquery/ 87 KB
30 KB 90ms
88ms Script
application/javascript 5.188.57.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://nefakt.info/wp-includes/js/jquery/jquery.min.js
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.188.57.51 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/290173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:10:53 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 06:50:09 GMT
age: 1810
etag: W/"611221a1-15db1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800, stale-while-revalidate=120960, stale-if-error=1209600
accept-ranges: bytes
wsr-cache: HIT 2 (363)
content-length: 30881
expires: Mon, 13 Jun 2022 05:10:53 GMT

GET
H2 200 wpshop-core.ttf
nefakt.info/wp-content/themes/reboot/assets/fonts/ 57 KB
26 KB 144ms
143ms Font
font/ttf 5.188.57.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://nefakt.info/wp-content/themes/reboot/assets/fonts/wpshop-core.ttf
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.188.57.51 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde

Request headers

Referer: https://nefakt.info/290173/
Origin: https://nefakt.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 01:53:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Jan 2022 12:37:41 GMT
age: 532049
etag: W/"e52c-5d5b24d49989b"
vary: WSR-HTTPS, Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 359 (363)
content-length: 26002
expires: Thu, 30 May 2024 01:53:34 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 283 KB
77 KB 309ms
106ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e8246c4b7ab5e537bcc6bac6571880ba0ae6f809e3be6fa94beecb53111073e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1654494064089748-15520942940517036216-sas6-5248-baf-sas-l7-balancer-8080-BAL-2427
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 06 Jun 2022 06:41:04 GMT

GET
H2 200 687pkyfn.php Show response
jlzbnl.com/4zb71l219ilv0pmy038qh/876uqv/ 58 KB
19 KB 303ms
140ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jlzbnl.com/4zb71l219ilv0pmy038qh/876uqv/687pkyfn.php
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 1635bc26e991d74529fe20db6a0e4fa4e11d1a315e4c6527e78ebe405b47dc63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:04 GMT
content-encoding: gzip
last-modified: Thu, 26 May 2022 11:09:48 GMT
server: nginx/1.14.2
etag: "628f5ffc-4aeb"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 19179

GET
H2 200 scripts.min.js Show response
nefakt.info/wp-content/themes/reboot/assets/js/ 51 KB
10 KB 195ms
195ms Script
application/javascript 5.188.57.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://nefakt.info/wp-content/themes/reboot/assets/js/scripts.min.js
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.188.57.51 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: ce29617437dd18739d6ae9d119ff943623838d35e23f4657c651ee40a066ac35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/290173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:10:53 GMT
content-encoding: gzip
last-modified: Sun, 16 Jan 2022 12:37:41 GMT
age: 1810
etag: W/"61e41195-cca4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800, stale-while-revalidate=120960, stale-if-error=1209600
accept-ranges: bytes
wsr-cache: HIT 2 (362)
content-length: 9988
expires: Mon, 13 Jun 2022 05:10:53 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 203 KB
70 KB 382ms
180ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b5f92e1710378e03286e4e83457c515702902b0a7f72a8dcee69341eb59ed994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:04 GMT
content-encoding: br
last-modified: Fri, 03 Jun 2022 13:26:02 GMT
etag: "6299e1ba-1161a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71194
expires: Mon, 06 Jun 2022 06:41:04 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v24/ 20 KB
20 KB 184ms
78ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%7CBad+Script&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93a1679cf7d6af1e698e3712191d26fb7aa77ea00cfa2df453d05e0964b32b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nefakt.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:19:24 GMT
x-content-type-options: nosniff
age: 476499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20480
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:19:24 GMT

GET
H2 200 6NUT8F6PJgbFWQn47_x7pO8kzO1A.woff2
fonts.gstatic.com/s/badscript/v16/ 14 KB
14 KB 200ms
94ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/badscript/v16/6NUT8F6PJgbFWQn47_x7pO8kzO1A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%7CBad+Script&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99e3e1f170fcf7976ae941f94285fa069a9000798509f545b8fb100a32cd5bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nefakt.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:28:48 GMT
x-content-type-options: nosniff
age: 382335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14016
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:38:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 19:28:48 GMT

GET
H2 200 6NUT8F6PJgbFWQn47_x7pOskzA.woff2
fonts.gstatic.com/s/badscript/v16/ 18 KB
18 KB 204ms
106ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/badscript/v16/6NUT8F6PJgbFWQn47_x7pOskzA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%7CBad+Script&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71fe123751681d7aadfac82f6110323fe52bb091f433be66d282249699f4582b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nefakt.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 09:18:44 GMT
x-content-type-options: nosniff
age: 418939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18640
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 09:18:44 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 30 KB
31 KB 133ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%7CBad+Script&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nefakt.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:07:05 GMT
x-content-type-options: nosniff
age: 477238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:07:05 GMT

GET
DATA 200
OK truncated
/ 969 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 401503518894f575673732c689a7885c78bb615900c0c3f726765eb4ce6aa799

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 290 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5aab9ecebd2bc2f003980fdde59b97aad0fd105312d99fa50fcab580099aaf3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 442 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17df1f2891553baf6c74c4eef8cd0dd9fb73a5669f9f89d67183a8bfe41acfd2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 626 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e9cca040634f071c068f7f483dfeef82d8589b4082c8cbdc5301951647ba71b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 544 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 255df06063ef8b4f994c1ae9d232d7c4f27c95b853a68fd9c03e31f4dd6b0031

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4192547933c47032776c86cc04805a86655e4580d0c82b46787a120fcd96c146

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 404 stroyka_3_02-300x200.jpg
nefakt.info/wp-content/uploads/2014/05/ 61 KB
61 KB 470ms
469ms Image
text/html 5.188.57.51
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nefakt.info/wp-content/uploads/2014/05/stroyka_3_02-300x200.jpg
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.188.57.51 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: c95b3702ba55678b1f75d093df195e6455b38ed5fa467bac7deea152c7262bc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/290173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:04 GMT
content-encoding: gzip
age: 0
vary: WSR-HTTPS, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
wsr-cache: MISS (362)
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 patrony-orden-01001-800x800-1-335x220.jpg
nefakt.info/wp-content/uploads/2022/02/ 19 KB
19 KB 92ms
91ms Image
image/jpeg 5.188.57.51
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nefakt.info/wp-content/uploads/2022/02/patrony-orden-01001-800x800-1-335x220.jpg
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.188.57.51 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: e88d143d8b60486155fe7c8f308519df536e29ee28c4c4e2daba3067e9a5219a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/290173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 06:53:35 GMT
last-modified: Wed, 23 Feb 2022 09:43:42 GMT
age: 514048
etag: "621601ce-4b59"
content-type: image/jpeg
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 28 (363)
content-length: 19289
expires: Thu, 30 May 2024 06:53:35 GMT

GET
H2 200 kak-polnostyu-otstirat-zhirnoe-pyatno-na-odezhde1-335x220.jpg
nefakt.info/wp-content/uploads/2022/02/ 13 KB
13 KB 85ms
84ms Image
image/jpeg 5.188.57.51
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nefakt.info/wp-content/uploads/2022/02/kak-polnostyu-otstirat-zhirnoe-pyatno-na-odezhde1-335x220.jpg
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.188.57.51 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 38a61e6b58ed70212156c4a6c51cc3ecb421b3e0692f3055ed0b740b742bd17a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/290173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 06:53:35 GMT
last-modified: Wed, 02 Feb 2022 14:18:59 GMT
age: 514048
etag: "61fa92d3-344c"
content-type: image/jpeg
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 29 (362)
content-length: 13388
expires: Thu, 30 May 2024 06:53:35 GMT

GET
H2 200 2-2-335x220.jpg
nefakt.info/wp-content/uploads/2021/10/ 15 KB
15 KB 99ms
98ms Image
image/jpeg 5.188.57.51
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nefakt.info/wp-content/uploads/2021/10/2-2-335x220.jpg
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.188.57.51 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 630926739cd402f9f898e468555e2ba2e79db538919ef0879119b8e4cc796075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/290173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 06:53:35 GMT
last-modified: Fri, 15 Oct 2021 10:59:14 GMT
age: 514047
etag: "61695f02-3afa"
content-type: image/jpeg
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 28 (362)
content-length: 15098
expires: Thu, 30 May 2024 06:53:35 GMT

GET
H2 200 p1120311.jpg_16432_p0-335x220.jpg
nefakt.info/wp-content/uploads/2021/10/ 13 KB
13 KB 106ms
106ms Image
image/jpeg 5.188.57.51
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nefakt.info/wp-content/uploads/2021/10/p1120311.jpg_16432_p0-335x220.jpg
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.188.57.51 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 2cee782ee4d506975d017aae6b711462d6ae80e70a83dd42a6d86a59173704aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/290173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 06:53:35 GMT
last-modified: Fri, 15 Oct 2021 10:42:51 GMT
age: 514047
etag: "61695b2b-3227"
content-type: image/jpeg
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 28 (362)
content-length: 12839
expires: Thu, 30 May 2024 06:53:35 GMT

GET
H2 200 maxresdefault-335x220.jpg
nefakt.info/wp-content/uploads/2021/10/ 24 KB
24 KB 116ms
115ms Image
image/jpeg 5.188.57.51
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nefakt.info/wp-content/uploads/2021/10/maxresdefault-335x220.jpg
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.188.57.51 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: befe2a3930a23b6abad4df39ee8470c0d5cd1b2cb287f52446c177c264398804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/290173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 06:53:36 GMT
last-modified: Fri, 15 Oct 2021 10:32:56 GMT
age: 514047
etag: "616958d8-5e95"
content-type: image/jpeg
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 24 (363)
content-length: 24213
expires: Thu, 30 May 2024 06:53:36 GMT

GET
H2 200 maxresdefault-335x220.jpg
nefakt.info/wp-content/uploads/2021/08/ 8 KB
9 KB 112ms
111ms Image
image/jpeg 5.188.57.51
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nefakt.info/wp-content/uploads/2021/08/maxresdefault-335x220.jpg
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.188.57.51 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: a7e37ef7d56b5113569cdf319545a0c98293f39e1d5cec35fd39e613f807eb6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/290173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 06:53:36 GMT
last-modified: Tue, 10 Aug 2021 06:59:37 GMT
age: 514047
etag: "611223d9-2128"
content-type: image/jpeg
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 23 (363)
content-length: 8488
expires: Thu, 30 May 2024 06:53:36 GMT

GET
H2 200 render Show response
jlzbnl.com/v4/ 15 KB
5 KB 228ms
83ms XHR
text/html 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jlzbnl.com/v4/render?surfer_uuid=7abdee7a-0cde-4f6e-bcd5-8774c04860b2&referrer=https%3A%2F%2Fnefakt.info%2F290173%2F&page_load_uuid=b7fba1a6-f2d7-44af-a00f-0b9e359cb26c&page_depth=1&6070r899zyf=c48650c2-2d71-4252-bfc7-70a5f77f1f84&block_uuid=c48650c2-2d71-4252-bfc7-70a5f77f1f84&refresh_depth=1&safari_multiple_request=85
Requested by: Host: jlzbnl.com
URL: https://jlzbnl.com/4zb71l219ilv0pmy038qh/876uqv/687pkyfn.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 2995be1b6599e3bedc1ef6a75799b6381cc8960431ccc3fd0898710870723e80

Request headers

Referer: https://nefakt.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 06 Jun 2022 05:41:04 GMT
cache-control: no-cache, private
server: nginx/1.14.2
content-encoding: gzip
content-type: text/html; charset=UTF-8

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9661.uW2Y6wCHUrHPxI9FXRNC0LOPzSghYp33FxsrAk4cCuTDsqWtGZOzt4R9u49xu1mA.neMoYXer3xdqU65KQim3_UK9am8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9661.DXIlwBRu-lyebYeGelQFS1qO0o1DXcUNPrPSgjcPIsZaacWEnrFoMAU5nfMNkCsPJS87nro--Vh9nTfrEpSwWA%2C%2C.5iyeQbzcn_D7caFYIS55a0bsSTQ%2C

75 B
75 B

90ms
90ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9661.DXIlwBRu-lyebYeGelQFS1qO0o1DXcUNPrPSgjcPIsZaacWEnrFoMAU5nfMNkCsPJS87nro--Vh9nTfrEpSwWA%2C%2C.5iyeQbzcn_D7caFYIS55a0bsSTQ%2C

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:04 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9661.DXIlwBRu-lyebYeGelQFS1qO0o1DXcUNPrPSgjcPIsZaacWEnrFoMAU5nfMNkCsPJS87nro--Vh9nTfrEpSwWA%2C%2C.5iyeQbzcn_D7caFYIS55a0bsSTQ%2C
date: Mon, 06 Jun 2022 05:41:04 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 90ms
89ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:04 GMT
last-modified: Fri, 03 Jun 2022 13:26:02 GMT
etag: "6299e1ba-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 06 Jun 2022 06:41:04 GMT

GET
H2 200 068d40bbd510d14d479c.js Show response
yastatic.net/partner-code-bundles/591227/ 13 KB
5 KB 186ms
62ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/591227/068d40bbd510d14d479c.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5b57f2085cb8eaa2a6985da8d96a71350afdda0619a470f966dc0d39bd1b2bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nefakt.info/
Origin: https://nefakt.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:04 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4472
last-modified: Thu, 02 Jun 2022 15:49:53 GMT
server: nginx/1.17.9
etag: "3c8c182f37ef9d7fe9814d28d0d07192"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2052 12:14:12 GMT

GET
H2 200 e5e6958d312db53dcafd.js Show response
yastatic.net/partner-code-bundles/591227/ 86 KB
18 KB 248ms
125ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/591227/e5e6958d312db53dcafd.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3ec3b46bd559eb524c7301c8ce3d90f479b249c96cc7b28e235b4a9ab577059e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nefakt.info/
Origin: https://nefakt.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:04 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17789
last-modified: Thu, 02 Jun 2022 15:49:54 GMT
server: nginx/1.17.9
etag: "967c306abafdd1f41541caa393e4dbe3"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2052 12:13:52 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 267ms
144ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nefakt.info/
Origin: https://nefakt.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:04 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2052 12:14:40 GMT

GET
H2 200 250298 Show response
yandex.ru/ads/meta/ 93 KB
30 KB 255ms
254ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/250298?target-ref=https%3A%2F%2Fnefakt.info%2F290173%2F&charset=utf-8&pcode-test-ids=575087%2C0%2C72%3B586085%2C0%2C34%3B591943%2C0%2C94%3B586227%2C0%2C17%3B591217%2C0%2C33%3B591220%2C0%2C94%3B406668%2C0%2C68%3B591259%2C0%2C73%3B574104%2C0%2C-1%3B587258%2C0%2C-1%3B588105%2C0%2C-1%3B204299%2C0%2C30&pcode-flags-map=eJytV02P2zYQ%2FSuFz0ZAUaIo5UZLlE2sJCokZa8TBIMU3VtQFG1SFAjy3zuU5A9pvfQu2osNGH6PQ86bmTc%2FVn2rKm0a4VbvP%2F1Y%2Ff3l6%2Fen1fuVbMWmlqv16tvTX9%2FUb%2FhLQnPC89XPz%2BtVsRPtVkJRq%2BIB3M7ofruDWm9VMeMQhVO6hU3vHH51Rmmj3HHGGVNO6cC5FxZaeYBC1DU4DRPYycd5YM70s7AYYyRLBooxZuhb23edNk6WGJQopQFbGNU5sKaAgzCtard3ODlL%2BDmsRo%2BhCFVrA4X2n52opXMSWtHIGVettjsHm%2B2Mj8eEs4HPyE4KB%2FtGdGDkh15aB6JyGKNqja7rcFycJ1F6jqu3ErpCl5gJ3TQYoXBOFDuwO1Hqwx2mPEuyM1OhW6uGh9rpAzjl8BlFW8JGl0cQJd7W4D0xyjBplrIoPpMqCdbpDrTbIbNDzUDT107dv2bGGU2f8bwZrLatNhIaZS1KoRROjBexgIKHPV5Y46v7x9voGefTP3%2FMKHOSsDF9pbKDxgpr3k6S5ex8KesGnr00FrU1A7Is56i%2BGTZi0YgVZaUfoUEh75VVG1VjRQGmfqjF0PkJ5XFMBg6s%2BKku%2FBVE013jvv35%2FWkGy%2BJ8gqHcrPVCXWKen3UG3Yx3gyEf2rmaPkVpllK%2BpvhQjOFXlmXROmZJlGVrGucs9l%2BM8HRN0yRJ4jUlNCLk9JeY5GmKcE5yEiGcJ0n2%2BTomnkckmmICK2ULemOl2S9E%2FfT7l1%2B%2FPs2bVErzsRtUCu%2BC99%2FJocpbF36GhMX5eORH2VKs91JaFCXQCD7EKAHZQRwkYJTmY0F1RmJHBOM2%2BP61amUQx2nOxogL3bfO99PHnQlCMp7RsY0esfLlI5geSt0I1QZVTTiNp1KdlQJUfV1j28V3DuKjmE6q9G%2B7MfoBE4PvClujyjCSY7%2B5GTBglTqjNkE4aidNLrnx4cJBlW4HqhHb4POi4JKMXLCnprDRxheVEaXq7S%2BvZDgKH%2FcYMIj6II42jIz5pKmy8iPEdti7JfbsRup%2BPiopIWSOTUg83vk0NhDauvB5DGmuStlI3ztO54F8DJYAHsk5fQ5XlR8rB98I7ynkBYZTAHtR97NsxeQ2enIHozpV22GSQZgmfHYaTfUnSmwUTtlhUFcasASD7RZdCQ6NAVpLtBxoInAU7YVRYvHgdAmb0ruoJyPRuZQ4x15ZWMh0yrUwKBAc3%2BIiF2kMtn60bNccbIbPSEKm1jMaN9%2B290oevLUKHp3ydOr%2B%2Fu%2FQon0qJM7xZhuEcYq4AWZthz6w2EkfIXTSFAuV%2Br5%2FjWRRnlxJhDwSnKzYDLR1KnhmFrHpzKLW7fmVGr0fZl0YS3kWv4Ad46D%2FER%2B9Ej9AOlE8oH0bmv1Q3nfAmKWxjUh0shKw%2FaK4DkZ0%2BN6nAfcGe5PhlByFi6aimDK3aKQLb4EjnrKxOP1cs2j9MQ4cc3r28NG7aO6F0A3MzFipjMTZWNzJVx7xaVHAG1Yese%2FmiOjdvBg5rhaXNWBoO1vj3ZZt%2FJZyQ5i3PDHJLrYP4WijLBwFGkAsC7%2BSvAU%2FNTG%2FKJ3zPZmKZplyXVWL%2B%2BfJxZ2L3umtRBMm%2FJ50Ievxh6UjxTnh0HgH2CbZmnbaFaAyunneJCtR2%2BX1KOVT6dryYenGfLajpRf2v5xEc%2BmGL%2BtngaYvO9OQESZpmmaX4XkrUpYvI2WjUrdGbMLNABc7klz%2BC1Z9nGWTRZSE%2Fn9j%2FkfsBcR482kEoppxJ63F0c811fo%2B7wyqAXdk3xPCNc%2FRpt8aVn5VmNzQIASLuzIShp0N%2Bn3C7rCN3ur%2FIi1lJXCpPJGPy%2BGr6H7%2BC6hO93g%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=WlC%2FuCHiDqmGPBw5BEPgw9H9eCOiLctCMUbV5XQjlGLAedTCscoPU9u0smvQOFzDZXxzPr4FqiYsC7KEvh8PX3xlTQY%3D&duid=MTY1NDQ5NDA2NDU4MDMyNDczNA%3D%3D&imp-id=6&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=208357453463554&ad-session-id=8311461654494064424&target-id=9556730&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fnefakt.info&top-ancestor-undetermined=0&pcode-version=591227&pcodever=591227&flash-ver=0&available-width=300&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1050%2C%22top%22%3A262%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=4280&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNjl9CjKlpJAkN-qBMFDnByZrkDaRpFfVLUi6ftGv0wXlr-2STGm7vlttB7JJKI6txLFuyb_uyzZZol-w9DdNlzRF_QL6G8AVxiBm3lakRSHZPt13kjHzmDFjNIhBjFvfheTguxwX3fVc7gLkOPgOniusrnj5UBaY54rOKnSg12F0pMsuXMqey3cwXa6D5eDUId8BzPIKlp3jimtaXcgLB4IrGV6jK1x6ILkcxORgGUfEpC4EupRcr7o8VzK8yybclvkOFtWS47KHjoNfF1dJdQULyBLrSBvqxWF4XbTtWTJwXnVwF1ay0C28g1cRG4h8lVpvIIoTjd7gR7461oOpshkoGy8DZXevCzUEVatOggAo1Iow8FM_VinUiR-nmpgkkan9GkRKYnVcgKZDuQ7wSJOSAY2CHDTSzEwSylWJnwZ-otQkck2Fq0hjlS7WpPI4UITKIII3ZGtiXSJP5RExkU-tN2gieBmPIPLj5U5sGMJIkaojJWENtPI4Vi7JiSaWb4NwFjIX4tPsuchdVEF98UTnQl3ETEUxDJRJVyWWm3BOCy-JTK1m6L0wpZFSOZQjOLGGPl2dfFG26GjWAjzR0y7Gdk556gpWsjXxIjJS-FGopB6oOJOMnAEIS6x4ovj5Yi8A_sb_MEN5QG6AGSgVmRzK3HrGvyA9iBO5loiahSZls-kNysSmoEoiZbowEXEyDdNFBzPtXF67dHqDTG1TipWy5VJHL3Vpp-s-nIUDxHs5e5OK38l0PUbKkBYBog4OsY0IB5eRIt2CYjJSBeimWbqYCsd_6Dc8FcAfr2RkBPhySRm5gB8s69PSn-7dKTiM9AA1zz4k_N7ZDpZFnVKmZk7w1oYhGrWh0o-VPq1oKwydaRaGzJqs7y7z5I0VqvMncj_Srt9o14XG7RouU8xM9v9nDzi_T6AorOsAvixIFTKdOgqIKtPVa_eliUM5QRr74bblx3vxyjAHcKBIlBnYi8nfrIonq9YJtpPAzilsOhnoiSYiz70sYhbX3yE1WD6mdVpy1qo0bqrYn7pMqyzsicwnCuX0WNWJLl63dQHtittWF6RWF-q2iNZNusjVhdZRu31jTjBkNDAQ50eqGHy4Ql7L6mAfdcUHGzuysYAbLDRIgRfFcAPwEQKxRARvjNsbotcWYIMmdCNIptybICNlThYD9prEBw9KIa2D4m5e-MXgiB_LnEzcVFpPRm6kQGgkoyBHNNZOFTMHL2O6ivcuRntGgS8PlcR6F5A_m4c9msuh6qJNnrEmUsXz-SU4qwNjo3lOkb9dzkyXbPCsca3Lj7FNcWa_o8yO76xT7YBfaqjTR_0SFy6COcu_0eZg3hrCOJb7eRtpDvbkbth5A_U0vBt8TvOVRzbO4Je8WenpD_bCpVNcvs6bmYhDWSrs-994u9Su3CGi799Hlbg_b4lyMByYyz7lL-Ud3xUMg7gRzCmuy4wq4SCfk2FFx2ibcaAfJazE3pTzxuB_cPYLLD2Y0_0n5UIGuwfkGOcphcujOlHld7gfiZjH8x-NskkfFEmO_iX46J_82SSusZhA9V7Nt4f-UiPX72_o1pvnb94aAMzUyDQumNT0MsMvRlzSdd7fLU2JJ0C3b7x6ntLVZgoj9_TTm4xO3lAXOlyLCN4UTfhY9V5_6MNLNUtq6QMYxLF6Wwj2GwPpX91baOYP8tCcuo-JwV46wg5v6YmzY76poT_KBEuKJOOA2gHDfd3wlnm2Tgdyh3KXUPD-JR0t5oqdIDrXM_gxb4xn4CibSPYGF_Em1BvXN66ftEd90Zr9RJEQx2t8g3hchYhUD4aU_jXjpPPZ_7Xsd-V47OSNOTajsq0vc8uTc-CWK29oPiwn7OfN7_mD3RikkjkaWfnEXMzZxZp9bF1PPjJvYyYg8qO3N60pcnCKGSnePikR22SLjoBypmNcOEc8qm1xujx9-hzboZafzxjlS4S0BN2_7EfHq7cEKI3QUsTaAf4ydtX_n5L1KWjdudiOL2vRT0LE7bBPEH8BYR8TXv2q9hxYz93hhO9l3tj06jOZzSEgGDT2GU7V2gmKu3d05m0mMn9_wU9SIp_bN_JaDwnHaMjJFhqtf1g4Hmm81yuujFOVGGP5KeDi9tMpWjm0ftZFwD8sP-tJ6vuibcy921iv2r7vHZmWuV9SsW8IsUyhyvo4c34i274i98Ghf4RjjYub_atfhVvQiZJzLnJwOuiGgFLqYjRLwfjdbofyt8OkdXuAui3zJ1yhbb0fxbwTMGj3XlD8XP0v_IKSdtXxlv9ax8TADXJKzc9NxWrsrttl9Ti71_TSVpV9HDibf8xZ6ILDsctQR6ZiNHRLvHAcsu3huhW-7Y7irccxtl9WyHwt3cP86zrv5zr_vt33PAHXK5rbBqQJQRlCFqNnKr9h38nXCf1h4bWJshIEfqsELSPfe01w7Hu-IxZdoxwd7D5oRkt0PCQf1VNf9GdF0HHGOe7z1L_F0vCYTtz7J_fxAnUGcD0m5fFnBGJ0iOcRiZZ1ONZ2P7Tt7XhlbUmRTqnKxZ9J_KjKAzVPsK4s6g1yHec_doMNXkfwFLoD8lHeyZtrn4veAJ91tjnH7ZDvlP48BgLhl_4N-_h52QmL2e8EbXKIZ8O6kv7BNe7ibNbLYv0J2MGSrf1E6WQTpilg7Gjs7WxzZNzmbjJ-vz9rgH385mC03dOevsz2hPnw-fYVY9ZGhnDMt8AyMxmrwwvLAsO2rYDYyChfpiyaC-vwlid-pCROdSEcatoc8OG3OPm6E-xy9Hh5sXZRMWiKfVuBDkJtlKgtue9oAxk-GUFjpgE30hDHtlTfJJvfNgiX3BYe1tUjWbjNUk9mQu0eIPzpr8C_TPNwzU-zhya-NlD4OnWoJWSSmb4FBkzk8UjONBe1B-b6QZvmWaeVZYWeCO6tuNiKSoZWLwAfwXZQLcDSFF48KUqYZXU2dYtSmpYWqS0x3uj37JQMYQ6JsROC9lHebN4pZxvb-Vky0uqCMOb5PfFbuyajICOrd31Rlm_SagM-fBYRnG09uc-2pb0tUP5VFrMXiq2ImHWKQVX7hs22Nc_i3o2HyGqZRYcwN6sNVaoNqIBaT0FXATBTK_J3ciOpKzCyKBE00AKe9EOZaG9baNYiUPsb-tvZt8bc310tXzuqKBZQK9DNazyrcHv0bVaKubzwG6mZBkjXyVJw2pjlP7vh_ei2hVf2rvRunkWzLsva_7b4smwdmnZogLMUIwIXKZ5_aTSgX4PudfOvM2tRbTBaMSsa5gQd3hi7O2ilQFraITJZe96XmPRmU-Iit3k4MSx-b4mZ-VfHBWUswegs2QxgPf-IjAjBaf6BEBJGiyvIBPI4-Ji2fPu-MQdGDnpXmv-hxulpXcuzcvKR5x3DpEaW5DnSsZS431bSbxick8t__Fz8tQQD4n7aW0kIrH31osWLNwXlOa-pX1JtdpvR05ey-BJV5CxG3YNa5lmVM9vnhshBM98QWM8bOHRbyFsFWGUMFSGQqKvQTv1srVu7_IoAZMD1321Ni2S6IuooGhGfV4GUqAm3EVBISORhoqmAT9RqgngqDjrSkg38h9qkC_XyRW9xwzAJ7bdzWDkFbQtvUOn1D0xLv4nXJ5KpdMokUqcWeODJnLOkwYAdsX3f5kjVrj7bagL61W3uP1CClO9EEv5U5l_F-_7AtsXSV4bxmfwGrNcAIQB0nACkBqCqQllPBN5_-NKDEUrh3Whzv3PRWn-dj8_qLNcCSw84Zb5xbeXlxmckExVh7UO7vkmWXgFAu2cKDy6-CZxXBKCmVld3r8_zlsdxgGnpN0cGpB-V9Kb_IjHzQbFI1IXFhECZk5_Es8o9Jud822oBGWlOD-Wajahdv8j_s0i9SPRLoGQxaqsDeJZkuge_JA9-yRN7qCyxAhjKOU1gTODpkIShH8sPVunqfbG8boabkz7NaoJ6VUECdZwSyxMCmiBfL9RogXy9MOhC3w9V9FgjJcl6WdGX6YJYvdJFVkNDCx2riCRykgHXcFfzKEQmuJRex8yU7Ypukw0uQG8WyYDwuozkLGksa7fgWU7KFnzYYhJR3hIOjrE2eFm2UK4FqnSEgjZOVC2KO7lekfW3x7ZIDm0--pFWtDizmGtWcrtwg6W7ZZrZxG8RorEadLIttpJ2yROtNlb41HpQgGigbHosVYiUgQ0Sfk2gIyAOQ-IB3wGB5oqDJvZjrR_KDZRLbyEeUN0OiKwH9K0A-g%3D%3D&uniformat=true&callback=Ya%5B8672111152849%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2fdd4cc68b67f4242492a8e9d6627ff6822621e6695f08a41d49d214816d48a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nefakt.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Jun 2022 05:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1654494064494859-3000376960368999377-sas6-5248-baf-sas-l7-balancer-8080-BAL-9454
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 06 Jun 2022 05:41:04 GMT
uniformat: true
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 06 Jun 2022 05:41:04 GMT

GET
H2 200 a26ad509ab6c990f3812.js Show response
yastatic.net/partner-code-bundles/591227/ 503 KB
104 KB 249ms
176ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/591227/a26ad509ab6c990f3812.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

162e3c1418cb635269ebc9cc02c681d0a356371d99dd862c078eb17d095138de

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nefakt.info/
Origin: https://nefakt.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:04 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 105370
last-modified: Thu, 02 Jun 2022 15:49:53 GMT
server: nginx/1.17.9
etag: "d94caf4e139a48301e6d9a00190e99ef"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2052 12:14:12 GMT

GET
H2 200 d0b6268ec8e0d8fc.jpeg
jlzbnl.com/.cdn/3a8241/7d0665/572bc47d86264450a4b791ee6cef10f5/ 17 KB
17 KB 71ms
70ms Image
image/jpeg 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jlzbnl.com/.cdn/3a8241/7d0665/572bc47d86264450a4b791ee6cef10f5/d0b6268ec8e0d8fc.jpeg
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 4a00550e3daa88e365c0c91b179721198cb4152f1a6143981fcfb41cf582401c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:04 GMT
last-modified: Wed, 27 Apr 2022 07:11:10 GMT
server: nginx/1.14.2
etag: "6268ec8e-42da"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 17114

GET
H2 200 d0b623d948530c7f.jpeg
jlzbnl.com/.cdn/3a8241/e45ee7/97277af26d5d40b69abd740b4e82491d/ 21 KB
21 KB 140ms
140ms Image
image/jpeg 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jlzbnl.com/.cdn/3a8241/e45ee7/97277af26d5d40b69abd740b4e82491d/d0b623d948530c7f.jpeg
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 177de7c18ac7e99755daef737d58968c643b313b327632184df9e77b9af188b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:04 GMT
last-modified: Fri, 25 Mar 2022 10:08:05 GMT
server: nginx/1.14.2
etag: "623d9485-5295"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 21141

GET
H2 200 d0b61fccc60785cd.jpeg
jlzbnl.com/.cdn/3a8241/a2ef40/8ae63a175e7442adabdf3a2fe0694c5d/ 12 KB
12 KB 141ms
140ms Image
image/jpeg 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jlzbnl.com/.cdn/3a8241/a2ef40/8ae63a175e7442adabdf3a2fe0694c5d/d0b61fccc60785cd.jpeg
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: d53b024c49f4d2cbf4105c1886af5682bc95393d52f13bb3e7f5eab398250a59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:04 GMT
last-modified: Fri, 04 Feb 2022 06:49:04 GMT
server: nginx/1.14.2
etag: "61fccc60-2f5c"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12124

GET
H2 200 css
fonts.googleapis.com/ 12 KB
925 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b345abe33a4f53c748b8b6858bbe2c0380add9fbbec748044d2e76d6f0bd681d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:23:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Jun 2022 05:41:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Jun 2022 05:41:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nefakt.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:43:04 GMT
x-content-type-options: nosniff
age: 579480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 12:43:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nefakt.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 551481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 20:29:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nefakt.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 585197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 11:07:47 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/45733872/
Redirect Chain

https://mc.yandex.com/watch/45733872?wmode=7&page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A569%3Afu%3A0%3Aen%3Autf...
https://mc.yandex.com/watch/45733872/1?wmode=7&page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A569%3Afu%3A0%3Aen%3Au...

357 B
448 B

98ms
97ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/45733872/1?wmode=7&page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A569%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A1114697495065%3Ahid%3A159614450%3Az%3A0%3Ai%3A20220606054104%3Aet%3A1654494064%3Ac%3A1%3Arn%3A367897071%3Arqn%3A1%3Au%3A1654494064580324734%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654494063304%3Ads%3A11%2C172%2C88%2C79%2C0%2C0%2C%2C258%2C0%2C%2C%2C%2C609%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654494065%3At%3A%D0%9E%D1%81%D0%BE%D0%B1%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%D0%BE%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D0%B5%D0%BA%D1%82%D0%BE%D0%B2%20-%20%D0%9D%D0%B5%D0%A4%D0%B0%D0%BA%D1%82.%D0%B8%D0%BD%D1%84%D0%BE&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

639eedb19aefd64d30dc800c3cf5961057f54327168a97236db76a58b76d8be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 06-Jun-2022 05:41:04 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Mon, 06-Jun-2022 05:41:04 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:04 GMT
last-modified: Mon, 06-Jun-2022 05:41:04 GMT
location: /watch/45733872/1?wmode=7&page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A569%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A1114697495065%3Ahid%3A159614450%3Az%3A0%3Ai%3A20220606054104%3Aet%3A1654494064%3Ac%3A1%3Arn%3A367897071%3Arqn%3A1%3Au%3A1654494064580324734%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654494063304%3Ads%3A11%2C172%2C88%2C79%2C0%2C0%2C%2C258%2C0%2C%2C%2C%2C609%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654494065%3At%3A%D0%9E%D1%81%D0%BE%D0%B1%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%D0%BE%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D0%B5%D0%BA%D1%82%D0%BE%D0%B2%20-%20%D0%9D%D0%B5%D0%A4%D0%B0%D0%BA%D1%82.%D0%B8%D0%BD%D1%84%D0%BE&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 06-Jun-2022 05:41:04 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 308ms
89ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nefakt.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://nefakt.info
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 219ms
80ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nefakt.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/250298/
Redirect Chain

https://mc.yandex.com/watch/250298?wmode=7&page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afu%3A0%3Ae...
https://mc.yandex.com/watch/250298/1?wmode=7&page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afu%3A0%3...

338 B
373 B

91ms
91ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/250298/1?wmode=7&page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A1%3Als%3A1390744647630%3Ahid%3A159614450%3Az%3A0%3Ai%3A20220606054104%3Aet%3A1654494065%3Ac%3A1%3Arn%3A319194934%3Au%3A1654494064580324734%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654494063304%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654494065%3At%3A%D0%9E%D1%81%D0%BE%D0%B1%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%D0%BE%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D0%B5%D0%BA%D1%82%D0%BE%D0%B2%20-%20%D0%9D%D0%B5%D0%A4%D0%B0%D0%BA%D1%82.%D0%B8%D0%BD%D1%84%D0%BE&t=gdpr%2814%29mc%28p-1%29lt%2810800%29aw%281%29ti%282%29

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a0d7e666607d2dae2ca26971f846f6b1d12b6a71dee622c1bc44acb18741e435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 06-Jun-2022 05:41:04 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Mon, 06-Jun-2022 05:41:04 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:04 GMT
last-modified: Mon, 06-Jun-2022 05:41:04 GMT
location: /watch/250298/1?wmode=7&page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A1%3Als%3A1390744647630%3Ahid%3A159614450%3Az%3A0%3Ai%3A20220606054104%3Aet%3A1654494065%3Ac%3A1%3Arn%3A319194934%3Au%3A1654494064580324734%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654494063304%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654494065%3At%3A%D0%9E%D1%81%D0%BE%D0%B1%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%D0%BE%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D0%B5%D0%BA%D1%82%D0%BE%D0%B2%20-%20%D0%9D%D0%B5%D0%A4%D0%B0%D0%BA%D1%82.%D0%B8%D0%BD%D1%84%D0%BE&t=gdpr%2814%29mc%28p-1%29lt%2810800%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 06-Jun-2022 05:41:04 GMT

GET
H2 200 250298 Show response
yandex.ru/ads/meta/ 141 KB
41 KB 281ms
280ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/250298?target-ref=https%3A%2F%2Fnefakt.info%2F290173%2F&charset=utf-8&pcode-test-ids=575087%2C0%2C72%3B586085%2C0%2C34%3B591943%2C0%2C94%3B586227%2C0%2C17%3B591217%2C0%2C33%3B591220%2C0%2C94%3B406668%2C0%2C68%3B591259%2C0%2C73%3B574104%2C0%2C-1%3B587258%2C0%2C-1%3B588105%2C0%2C-1%3B204299%2C0%2C30&pcode-flags-map=eJytV02P2zYQ%2FSuFz0ZAUaIo5UZLlE2sJCokZa8TBIMU3VtQFG1SFAjy3zuU5A9pvfQu2osNGH6PQ86bmTc%2FVn2rKm0a4VbvP%2F1Y%2Ff3l6%2Fen1fuVbMWmlqv16tvTX9%2FUb%2FhLQnPC89XPz%2BtVsRPtVkJRq%2BIB3M7ofruDWm9VMeMQhVO6hU3vHH51Rmmj3HHGGVNO6cC5FxZaeYBC1DU4DRPYycd5YM70s7AYYyRLBooxZuhb23edNk6WGJQopQFbGNU5sKaAgzCtard3ODlL%2BDmsRo%2BhCFVrA4X2n52opXMSWtHIGVettjsHm%2B2Mj8eEs4HPyE4KB%2FtGdGDkh15aB6JyGKNqja7rcFycJ1F6jqu3ErpCl5gJ3TQYoXBOFDuwO1Hqwx2mPEuyM1OhW6uGh9rpAzjl8BlFW8JGl0cQJd7W4D0xyjBplrIoPpMqCdbpDrTbIbNDzUDT107dv2bGGU2f8bwZrLatNhIaZS1KoRROjBexgIKHPV5Y46v7x9voGefTP3%2FMKHOSsDF9pbKDxgpr3k6S5ex8KesGnr00FrU1A7Is56i%2BGTZi0YgVZaUfoUEh75VVG1VjRQGmfqjF0PkJ5XFMBg6s%2BKku%2FBVE013jvv35%2FWkGy%2BJ8gqHcrPVCXWKen3UG3Yx3gyEf2rmaPkVpllK%2BpvhQjOFXlmXROmZJlGVrGucs9l%2BM8HRN0yRJ4jUlNCLk9JeY5GmKcE5yEiGcJ0n2%2BTomnkckmmICK2ULemOl2S9E%2FfT7l1%2B%2FPs2bVErzsRtUCu%2BC99%2FJocpbF36GhMX5eORH2VKs91JaFCXQCD7EKAHZQRwkYJTmY0F1RmJHBOM2%2BP61amUQx2nOxogL3bfO99PHnQlCMp7RsY0esfLlI5geSt0I1QZVTTiNp1KdlQJUfV1j28V3DuKjmE6q9G%2B7MfoBE4PvClujyjCSY7%2B5GTBglTqjNkE4aidNLrnx4cJBlW4HqhHb4POi4JKMXLCnprDRxheVEaXq7S%2BvZDgKH%2FcYMIj6II42jIz5pKmy8iPEdti7JfbsRup%2BPiopIWSOTUg83vk0NhDauvB5DGmuStlI3ztO54F8DJYAHsk5fQ5XlR8rB98I7ynkBYZTAHtR97NsxeQ2enIHozpV22GSQZgmfHYaTfUnSmwUTtlhUFcasASD7RZdCQ6NAVpLtBxoInAU7YVRYvHgdAmb0ruoJyPRuZQ4x15ZWMh0yrUwKBAc3%2BIiF2kMtn60bNccbIbPSEKm1jMaN9%2B290oevLUKHp3ydOr%2B%2Fu%2FQon0qJM7xZhuEcYq4AWZthz6w2EkfIXTSFAuV%2Br5%2FjWRRnlxJhDwSnKzYDLR1KnhmFrHpzKLW7fmVGr0fZl0YS3kWv4Ad46D%2FER%2B9Ej9AOlE8oH0bmv1Q3nfAmKWxjUh0shKw%2FaK4DkZ0%2BN6nAfcGe5PhlByFi6aimDK3aKQLb4EjnrKxOP1cs2j9MQ4cc3r28NG7aO6F0A3MzFipjMTZWNzJVx7xaVHAG1Yese%2FmiOjdvBg5rhaXNWBoO1vj3ZZt%2FJZyQ5i3PDHJLrYP4WijLBwFGkAsC7%2BSvAU%2FNTG%2FKJ3zPZmKZplyXVWL%2B%2BfJxZ2L3umtRBMm%2FJ50Ievxh6UjxTnh0HgH2CbZmnbaFaAyunneJCtR2%2BX1KOVT6dryYenGfLajpRf2v5xEc%2BmGL%2BtngaYvO9OQESZpmmaX4XkrUpYvI2WjUrdGbMLNABc7klz%2BC1Z9nGWTRZSE%2Fn9j%2FkfsBcR482kEoppxJ63F0c811fo%2B7wyqAXdk3xPCNc%2FRpt8aVn5VmNzQIASLuzIShp0N%2Bn3C7rCN3ur%2FIi1lJXCpPJGPy%2BGr6H7%2BC6hO93g%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=WlC%2FuCHiDqmGPBw5BEPgw9H9eCOiLctCMUbV5XQjlGLAedTCscoPU9u0smvQOFzDZXxzPr4FqiYsC7KEvh8PX3xlTQY%3D&duid=MTY1NDQ5NDA2NDU4MDMyNDczNA%3D%3D&imp-id=5&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=208357453463554&ad-session-id=8311461654494064424&target-id=37779129&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fnefakt.info&top-ancestor-undetermined=0&pcode-version=591227&pcodever=591227&flash-ver=0&available-width=730&skip-token=yabs.NzIwNTc2MDYyNjExMTY3ODkKNzIwNTc2MDUxNzgxNTQyMjI%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A730%2C%22h%22%3A0%2C%22width%22%3A730%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A250%2C%22top%22%3A809%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A2%2C%22req_no%22%3A1%7D&grab-orig-len=4280&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNjl9CjKlpJAkN-qBMFDnByZrkDaRpFfVLUi6ftGv0wXlr-2STGm7vlttB7JJKI6txLFuyb_uyzZZol-w9DdNlzRF_QL6G8AVxiBm3lakRSHZPt13kjHzmDFjNIhBjFvfheTguxwX3fVc7gLkOPgOniusrnj5UBaY54rOKnSg12F0pMsuXMqey3cwXa6D5eDUId8BzPIKlp3jimtaXcgLB4IrGV6jK1x6ILkcxORgGUfEpC4EupRcr7o8VzK8yybclvkOFtWS47KHjoNfF1dJdQULyBLrSBvqxWF4XbTtWTJwXnVwF1ay0C28g1cRG4h8lVpvIIoTjd7gR7461oOpshkoGy8DZXevCzUEVatOggAo1Iow8FM_VinUiR-nmpgkkan9GkRKYnVcgKZDuQ7wSJOSAY2CHDTSzEwSylWJnwZ-otQkck2Fq0hjlS7WpPI4UITKIII3ZGtiXSJP5RExkU-tN2gieBmPIPLj5U5sGMJIkaojJWENtPI4Vi7JiSaWb4NwFjIX4tPsuchdVEF98UTnQl3ETEUxDJRJVyWWm3BOCy-JTK1m6L0wpZFSOZQjOLGGPl2dfFG26GjWAjzR0y7Gdk556gpWsjXxIjJS-FGopB6oOJOMnAEIS6x4ovj5Yi8A_sb_MEN5QG6AGSgVmRzK3HrGvyA9iBO5loiahSZls-kNysSmoEoiZbowEXEyDdNFBzPtXF67dHqDTG1TipWy5VJHL3Vpp-s-nIUDxHs5e5OK38l0PUbKkBYBog4OsY0IB5eRIt2CYjJSBeimWbqYCsd_6Dc8FcAfr2RkBPhySRm5gB8s69PSn-7dKTiM9AA1zz4k_N7ZDpZFnVKmZk7w1oYhGrWh0o-VPq1oKwydaRaGzJqs7y7z5I0VqvMncj_Srt9o14XG7RouU8xM9v9nDzi_T6AorOsAvixIFTKdOgqIKtPVa_eliUM5QRr74bblx3vxyjAHcKBIlBnYi8nfrIonq9YJtpPAzilsOhnoiSYiz70sYhbX3yE1WD6mdVpy1qo0bqrYn7pMqyzsicwnCuX0WNWJLl63dQHtittWF6RWF-q2iNZNusjVhdZRu31jTjBkNDAQ50eqGHy4Ql7L6mAfdcUHGzuysYAbLDRIgRfFcAPwEQKxRARvjNsbotcWYIMmdCNIptybICNlThYD9prEBw9KIa2D4m5e-MXgiB_LnEzcVFpPRm6kQGgkoyBHNNZOFTMHL2O6ivcuRntGgS8PlcR6F5A_m4c9msuh6qJNnrEmUsXz-SU4qwNjo3lOkb9dzkyXbPCsca3Lj7FNcWa_o8yO76xT7YBfaqjTR_0SFy6COcu_0eZg3hrCOJb7eRtpDvbkbth5A_U0vBt8TvOVRzbO4Je8WenpD_bCpVNcvs6bmYhDWSrs-994u9Su3CGi799Hlbg_b4lyMByYyz7lL-Ud3xUMg7gRzCmuy4wq4SCfk2FFx2ibcaAfJazE3pTzxuB_cPYLLD2Y0_0n5UIGuwfkGOcphcujOlHld7gfiZjH8x-NskkfFEmO_iX46J_82SSusZhA9V7Nt4f-UiPX72_o1pvnb94aAMzUyDQumNT0MsMvRlzSdd7fLU2JJ0C3b7x6ntLVZgoj9_TTm4xO3lAXOlyLCN4UTfhY9V5_6MNLNUtq6QMYxLF6Wwj2GwPpX91baOYP8tCcuo-JwV46wg5v6YmzY76poT_KBEuKJOOA2gHDfd3wlnm2Tgdyh3KXUPD-JR0t5oqdIDrXM_gxb4xn4CibSPYGF_Em1BvXN66ftEd90Zr9RJEQx2t8g3hchYhUD4aU_jXjpPPZ_7Xsd-V47OSNOTajsq0vc8uTc-CWK29oPiwn7OfN7_mD3RikkjkaWfnEXMzZxZp9bF1PPjJvYyYg8qO3N60pcnCKGSnePikR22SLjoBypmNcOEc8qm1xujx9-hzboZafzxjlS4S0BN2_7EfHq7cEKI3QUsTaAf4ydtX_n5L1KWjdudiOL2vRT0LE7bBPEH8BYR8TXv2q9hxYz93hhO9l3tj06jOZzSEgGDT2GU7V2gmKu3d05m0mMn9_wU9SIp_bN_JaDwnHaMjJFhqtf1g4Hmm81yuujFOVGGP5KeDi9tMpWjm0ftZFwD8sP-tJ6vuibcy921iv2r7vHZmWuV9SsW8IsUyhyvo4c34i274i98Ghf4RjjYub_atfhVvQiZJzLnJwOuiGgFLqYjRLwfjdbofyt8OkdXuAui3zJ1yhbb0fxbwTMGj3XlD8XP0v_IKSdtXxlv9ax8TADXJKzc9NxWrsrttl9Ti71_TSVpV9HDibf8xZ6ILDsctQR6ZiNHRLvHAcsu3huhW-7Y7irccxtl9WyHwt3cP86zrv5zr_vt33PAHXK5rbBqQJQRlCFqNnKr9h38nXCf1h4bWJshIEfqsELSPfe01w7Hu-IxZdoxwd7D5oRkt0PCQf1VNf9GdF0HHGOe7z1L_F0vCYTtz7J_fxAnUGcD0m5fFnBGJ0iOcRiZZ1ONZ2P7Tt7XhlbUmRTqnKxZ9J_KjKAzVPsK4s6g1yHec_doMNXkfwFLoD8lHeyZtrn4veAJ91tjnH7ZDvlP48BgLhl_4N-_h52QmL2e8EbXKIZ8O6kv7BNe7ibNbLYv0J2MGSrf1E6WQTpilg7Gjs7WxzZNzmbjJ-vz9rgH385mC03dOevsz2hPnw-fYVY9ZGhnDMt8AyMxmrwwvLAsO2rYDYyChfpiyaC-vwlid-pCROdSEcatoc8OG3OPm6E-xy9Hh5sXZRMWiKfVuBDkJtlKgtue9oAxk-GUFjpgE30hDHtlTfJJvfNgiX3BYe1tUjWbjNUk9mQu0eIPzpr8C_TPNwzU-zhya-NlD4OnWoJWSSmb4FBkzk8UjONBe1B-b6QZvmWaeVZYWeCO6tuNiKSoZWLwAfwXZQLcDSFF48KUqYZXU2dYtSmpYWqS0x3uj37JQMYQ6JsROC9lHebN4pZxvb-Vky0uqCMOb5PfFbuyajICOrd31Rlm_SagM-fBYRnG09uc-2pb0tUP5VFrMXiq2ImHWKQVX7hs22Nc_i3o2HyGqZRYcwN6sNVaoNqIBaT0FXATBTK_J3ciOpKzCyKBE00AKe9EOZaG9baNYiUPsb-tvZt8bc310tXzuqKBZQK9DNazyrcHv0bVaKubzwG6mZBkjXyVJw2pjlP7vh_ei2hVf2rvRunkWzLsva_7b4smwdmnZogLMUIwIXKZ5_aTSgX4PudfOvM2tRbTBaMSsa5gQd3hi7O2ilQFraITJZe96XmPRmU-Iit3k4MSx-b4mZ-VfHBWUswegs2QxgPf-IjAjBaf6BEBJGiyvIBPI4-Ji2fPu-MQdGDnpXmv-hxulpXcuzcvKR5x3DpEaW5DnSsZS431bSbxick8t__Fz8tQQD4n7aW0kIrH31osWLNwXlOa-pX1JtdpvR05ey-BJV5CxG3YNa5lmVM9vnhshBM98QWM8bOHRbyFsFWGUMFSGQqKvQTv1srVu7_IoAZMD1321Ni2S6IuooGhGfV4GUqAm3EVBISORhoqmAT9RqgngqDjrSkg38h9qkC_XyRW9xwzAJ7bdzWDkFbQtvUOn1D0xLv4nXJ5KpdMokUqcWeODJnLOkwYAdsX3f5kjVrj7bagL61W3uP1CClO9EEv5U5l_F-_7AtsXSV4bxmfwGrNcAIQB0nACkBqCqQllPBN5_-NKDEUrh3Whzv3PRWn-dj8_qLNcCSw84Zb5xbeXlxmckExVh7UO7vkmWXgFAu2cKDy6-CZxXBKCmVld3r8_zlsdxgGnpN0cGpB-V9Kb_IjHzQbFI1IXFhECZk5_Es8o9Jud822oBGWlOD-Wajahdv8j_s0i9SPRLoGQxaqsDeJZkuge_JA9-yRN7qCyxAhjKOU1gTODpkIShH8sPVunqfbG8boabkz7NaoJ6VUECdZwSyxMCmiBfL9RogXy9MOhC3w9V9FgjJcl6WdGX6YJYvdJFVkNDCx2riCRykgHXcFfzKEQmuJRex8yU7Ypukw0uQG8WyYDwuozkLGksa7fgWU7KFnzYYhJR3hIOjrE2eFm2UK4FqnSEgjZOVC2KO7lekfW3x7ZIDm0--pFWtDizmGtWcrtwg6W7ZZrZxG8RorEadLIttpJ2yROtNlb41HpQgGigbHosVYiUgQ0Sfk2gIyAOQ-IB3wGB5oqDJvZjrR_KDZRLbyEeUN0OiKwH9K0A-g%3D%3D&uniformat=true&callback=Ya%5B2397472660871%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0e0f01b969676f91d7d39f1fc59e27d24a4f97c69f961e4bfa4c0d4e9c07660c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nefakt.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Jun 2022 05:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1654494064846437-17180721054934571469-sas6-5248-baf-sas-l7-balancer-8080-BAL-8536
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 06 Jun 2022 05:41:04 GMT
uniformat: true
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 06 Jun 2022 05:41:04 GMT

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/5270189/i9mY9jtLoorBAgceRTCXNg/ 33 KB
33 KB 314ms
148ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5270189/i9mY9jtLoorBAgceRTCXNg/wy300
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: a3c335f5d402a4c3f99bb54da373a324c0a40ebe18bd68d2adcff8892bfbea5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:05 GMT
last-modified: Tue, 19 Apr 2022 13:49:02 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 33700
x-request-id: df10f5d0ade8f5a2

GET
H/1.1 200
Ok europeanvillagellc.com
favicon.yandex.net/favicon/ 2 KB
2 KB 299ms
80ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/europeanvillagellc.com?size=32&stub=1

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a71b44ca2df83ed8deeeafb7d45d6ea614a6a9e9632d239c88774e74a7d56d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 7F6A 24 KB
7 KB 217ms
75ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nefakt.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Mon, 06 Jun 2022 05:41:05 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Wed, 05 Jun 2052 12:14:43 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

POST
H2 200 1 Show response
mc.yandex.com/watch/45733872/ 43 B
157 B 99ms
98ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/45733872/1?page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A1%3Als%3A1114697495065%3Ahid%3A159614450%3Az%3A0%3Ai%3A20220606054104%3Aet%3A1654494065%3Ac%3A1%3Arn%3A119090455%3Arqn%3A2%3Au%3A1654494064580324734%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1654494063304%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654494065&t=gdpr(14)mc(p-2-h-1)lt(16000)aw(1)rqnt(2)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nefakt.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
last-modified: Mon, 06-Jun-2022 05:41:05 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 06-Jun-2022 05:41:05 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 120ms
78ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nefakt.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://nefakt.info
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
392 B 224ms
76ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nefakt.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/250298/ 43 B
73 B 94ms
92ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/250298/1?page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A569%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A1%3Als%3A1390744647630%3Ahid%3A159614450%3Az%3A0%3Ai%3A20220606054104%3Aet%3A1654494065%3Ac%3A1%3Arn%3A68462847%3Arqn%3A1%3Au%3A1654494064580324734%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1654494063304%3Ads%3A11%2C172%2C88%2C79%2C0%2C0%2C%2C258%2C0%2C%2C%2C%2C609%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654494065&t=gdpr(14)mc(p-2-h-1)lt(16000)aw(1)rqnt(1)ecs(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nefakt.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
last-modified: Mon, 06-Jun-2022 05:41:05 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 06-Jun-2022 05:41:05 GMT

GET
H2 200 250298 Show response
mc.yandex.com/watch/ 43 B
73 B 95ms
94ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/250298?page-url=https%3A%2F%2Fnefakt.info%2F290173%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A1%3Als%3A1390744647630%3Ahid%3A159614450%3Az%3A0%3Ai%3A20220606054105%3Aet%3A1654494065%3Ac%3A1%3Arn%3A28680930%3Arqn%3A2%3Au%3A1654494064580324734%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1654494063304%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654494065%3At%3A%D0%9E%D1%81%D0%BE%D0%B1%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%D0%BE%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D0%B5%D0%BA%D1%82%D0%BE%D0%B2%20-%20%D0%9D%D0%B5%D0%A4%D0%B0%D0%BA%D1%82.%D0%B8%D0%BD%D1%84%D0%BE&t=gdpr(14)mc(p-2-h-1)lt(16000)aw(1)rqnt(2)ecs(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
last-modified: Mon, 06-Jun-2022 05:41:05 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 06-Jun-2022 05:41:05 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 7F6A 95 B
400 B 344ms
76ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 05:41:05 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Tue, 07 Jun 2022 05:41:05 GMT

GET
H2

404

0100007F71939D622000681D02AD2F46
an.yandex.ru/mapuid/SAPEis/ Frame 7F6A
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=0100007F71939D622500F05F0235818B&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D
https://an.yandex.ru/mapuid/SAPEis/0100007F71939D622000681D02AD2F46

43 B
80 B

79ms
78ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/SAPEis/0100007F71939D622000681D02AD2F46

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

Redirect headers

date: Mon, 06 Jun 2022 05:41:05 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/SAPEis/0100007F71939D622000681D02AD2F46
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

f250a8f0-f1de-529d-b257-437cd0cad00d
an.yandex.ru/mapuid/betweendigitalis/ Frame 7F6A
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/f250a8f0-f1de-529d-b257-437cd0cad00d

43 B
82 B

87ms
86ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/f250a8f0-f1de-529d-b257-437cd0cad00d

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/f250a8f0-f1de-529d-b257-437cd0cad00d
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 7F6A
Redirect Chain

https://yandex.ru/an/mapuid/adobedmp/
https://yandex.ru/an/mapuid/adobedmp/?redir-setuniq=1
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=88FAE53EA716D899
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=88FAE53EA716D899

42 B
945 B

61ms
61ms

Image
image/gif

52.215.108.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=88FAE53EA716D899

Protocol

HTTP/1.1

Server

52.215.108.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-108-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v033-09de9a841.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 4sdYbrM9SxU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v033-093d00a39.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: XhLmK8oxTFU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=88FAE53EA716D899
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
ads.betweendigital.com/ Frame 7F6A
Redirect Chain

https://yandex.ru/an/mapuid/betweenx/
https://yandex.ru/an/mapuid/betweenx/?redir-setuniq=1
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=377670A1DFDF1E5

68 B
607 B

50ms
49ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=377670A1DFDF1E5
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=377670A1DFDF1E5
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 7F6A
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=4D4EC0E24BE5CB69&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=4D4EC0E24BE5CB69&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

83ms
83ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 05:41:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 7F6A
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=4D4EC0E24BE5CB69&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=4D4EC0E24BE5CB69&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

84ms
84ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 05:41:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 7F6A
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=4D4EC0E24BE5CB69&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=4D4EC0E24BE5CB69&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
135 B

82ms
82ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 05:41:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame 7F6A
Redirect Chain

https://yandex.ru/an/mapuid/operacom/
https://yandex.ru/an/mapuid/operacom/?redir-setuniq=1
https://t.adx.opera.com/sync?vendor=60143&uid=55232F28F30FA837

0
410 B

321ms
44ms

Image
text/plain

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=55232F28F30FA837
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Server: 82.145.213.8 Gauteng, South Africa, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=55232F28F30FA837
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

GET
H2

200

34f0bae79ea356169d15898c391beab8e7b4d7e63bd49d44d8d3f931718a3c4b
an.yandex.ru/mapuid/mediascope/ Frame 7F6A
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/34f0bae79ea356169d15898c391beab8e7b4d7e63bd49d44d8d3f931718a3c4b

43 B
80 B

93ms
92ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/34f0bae79ea356169d15898c391beab8e7b4d7e63bd49d44d8d3f931718a3c4b

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
server: ms-counter-3.3.5/1.20.2
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/34f0bae79ea356169d15898c391beab8e7b4d7e63bd49d44d8d3f931718a3c4b
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 match
dm.hybrid.ai/ Frame 7F6A 0
238 B 255ms
80ms Image
text/plain 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 116
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame 7F6A 0
237 B 256ms
81ms Image
text/plain 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 120
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

P2BNbahLnr.bUEb7jnzV
an.yandex.ru/mapuid/dmpamberdata/ Frame 7F6A
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1654494064
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1654494064
https://an.yandex.ru/mapuid/dmpamberdata/P2BNbahLnr.bUEb7jnzV

43 B
80 B

87ms
86ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/P2BNbahLnr.bUEb7jnzV

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

Redirect headers

Date: Mon, 06 Jun 2022 05:41:05 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/P2BNbahLnr.bUEb7jnzV
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 14
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2

200

fd3f16ed-d3cb-47f0-79fe-436161085010
an.yandex.ru/mapuid/buzzooladspis/ Frame 7F6A
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
https://an.yandex.ru/mapuid/buzzooladspis/fd3f16ed-d3cb-47f0-79fe-436161085010

43 B
294 B

89ms
89ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/buzzooladspis/fd3f16ed-d3cb-47f0-79fe-436161085010

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/buzzooladspis/fd3f16ed-d3cb-47f0-79fe-436161085010
date: Mon, 06 Jun 2022 05:41:05 GMT
server: nginx
content-length: 113
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

/
an.yandex.ru/mapuid/targetrtbis/ Frame 7F6A
Redirect Chain

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/mapuid/targetrtbis/?sign=3971380842

43 B
80 B

81ms
80ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/targetrtbis/?sign=3971380842

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

Redirect headers

Date: Mon, 06 Jun 2022 05:41:05 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin
Location: https://an.yandex.ru/mapuid/targetrtbis/?sign=3971380842
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET pixel
mitdmp.whiteboxdigital.ru/ Frame 7F6A 0
0

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame 7F6A
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

78ms
77ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

Redirect headers

date: Mon, 06 Jun 2022 05:41:05 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
x-passed: 2bal2
content-type: application/x-javascript; charset=Windows-1251
content-length: 0

GET
H2

200

eTZb8DeV23j.AikABlGBN4f0Yg
an.yandex.ru/mapuid/getintentis/ Frame 7F6A
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://px.adhigh.net/p/cm/yandexssp?bounced=1
https://an.yandex.ru/mapuid/getintentis/eTZb8DeV23j.AikABlGBN4f0Yg

43 B
80 B

88ms
88ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/eTZb8DeV23j.AikABlGBN4f0Yg

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/getintentis/eTZb8DeV23j.AikABlGBN4f0Yg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

LPqKrjY2qTpXvmzrOJHmqu
an.yandex.ru/mapuid/dmpweborama/ Frame 7F6A
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2369447767
https://an.yandex.ru/mapuid/dmpweborama/LPqKrjY2qTpXvmzrOJHmqu

43 B
80 B

85ms
85ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/LPqKrjY2qTpXvmzrOJHmqu

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
via: 1.1 google
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
server: Weborama Collect Frontend
location: https://an.yandex.ru/mapuid/dmpweborama/LPqKrjY2qTpXvmzrOJHmqu
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

oLHanCLZzYuRwbqQeZWE
an.yandex.ru/mapuid/kadamis/ Frame 7F6A
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/oLHanCLZzYuRwbqQeZWE

43 B
80 B

87ms
87ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/oLHanCLZzYuRwbqQeZWE

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/oLHanCLZzYuRwbqQeZWE
date: Mon, 06 Jun 2022 05:41:05 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

ce732517-204f-4a0b-9a97-251ba6948384
an.yandex.ru/mapuid/mtsdspis/ Frame 7F6A
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=ce732517-204f-4a0b-9a97-251ba6948384&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fce732517-204f-4a0b-9a97-251ba6948384
https://an.yandex.ru/mapuid/mtsdspis/ce732517-204f-4a0b-9a97-251ba6948384

43 B
152 B

87ms
87ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/ce732517-204f-4a0b-9a97-251ba6948384

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:06 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:06 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:06 GMT

Redirect headers

Date: Mon, 06 Jun 2022 05:41:05 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/ce732517-204f-4a0b-9a97-251ba6948384
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame 7F6A
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=21aa2b678226486d8d2c851ab82c7648
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=21aa2b678226486d8d2c851ab82c7648

0
355 B

58ms
58ms

Image
text/html

95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=21aa2b678226486d8d2c851ab82c7648
Protocol: H2
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
server: nginx/1.20.1
mode: no-cors
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=21aa2b678226486d8d2c851ab82c7648
Date: Mon, 06 Jun 2022 05:41:05 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 364
Strict-Transport-Security: max-age=86400
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 7F6A 42 B
201 B 424ms
93ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 05:41:05 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 7F6A 42 B
201 B 453ms
92ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 05:41:05 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

42399f60-e55b-11ec-ad67-f832e4719dd9
an.yandex.ru/mapuid/dmpcleverdata/ Frame 7F6A
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1
https://an.yandex.ru/mapuid/dmpcleverdata/42399f60-e55b-11ec-ad67-f832e4719dd9?sign=709427015

43 B
80 B

86ms
86ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpcleverdata/42399f60-e55b-11ec-ad67-f832e4719dd9?sign=709427015

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/dmpcleverdata/42399f60-e55b-11ec-ad67-f832e4719dd9?sign=709427015
date: Mon, 06 Jun 2022 05:41:05 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0, 0

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 7F6A 43 B
390 B 158ms
37ms Image
image/gif 31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 05:41:05 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 yandexortb
sync.dmp.otm-r.com/match/ Frame 7F6A 0
70 B 154ms
59ms Image
text/plain 116.202.85.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandexortb
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.85.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.85.202.116.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Jun 2022 05:41:05 GMT
server: nginx/1.17.10

GET
H2

200

df089091-d683-4852-963b-dcc68ddcd0f8
an.yandex.ru/mapuid/upravelis/ Frame 7F6A
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://df089091-d683-4852-963b-dcc68ddcd0f8.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/df089091-d683-4852-963b-dcc68ddcd0f8

43 B
80 B

85ms
85ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/df089091-d683-4852-963b-dcc68ddcd0f8

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:06 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:06 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:06 GMT

Redirect headers

date: Mon, 06 Jun 2022 05:41:06 GMT
server: nginx
location: https://an.yandex.ru/mapuid/upravelis/df089091-d683-4852-963b-dcc68ddcd0f8
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

eDL4sqFG1GMiAjqSQVe5nw
an.yandex.ru/mapuid/dmpaidatame/ Frame 7F6A
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/eDL4sqFG1GMiAjqSQVe5nw?sign=2832928389

43 B
80 B

87ms
86ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/eDL4sqFG1GMiAjqSQVe5nw?sign=2832928389

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:06 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:06 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:06 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:06 GMT
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/eDL4sqFG1GMiAjqSQVe5nw?sign=2832928389
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 06 Jun 2022 05:41:05 GMT

GET
H2

200

2Muri_A4SnI1
an.yandex.ru/mapuid/dmpsegmento/ Frame 7F6A
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/2Muri_A4SnI1?sign=3981229675

43 B
80 B

84ms
84ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/2Muri_A4SnI1?sign=3981229675

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:06 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:06 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:06 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/2Muri_A4SnI1?sign=3981229675
Date: Mon, 06 Jun 2022 05:41:06 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

gFlfQTkJaJSO
an.yandex.ru/mapuid/rutargetis/ Frame 7F6A
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/gFlfQTkJaJSO

43 B
80 B

90ms
90ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/gFlfQTkJaJSO

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:06 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:06 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:06 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/gFlfQTkJaJSO
Date: Mon, 06 Jun 2022 05:41:06 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 78ms
77ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nefakt.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://nefakt.info
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 81ms
79ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nefakt.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

GET
H2 200 x300
avatars.mds.yandex.net/get-direct/4055521/NjtOBw6axmlXFWqJ-2v0Ag/ 12 KB
12 KB 92ms
91ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4055521/NjtOBw6axmlXFWqJ-2v0Ag/x300
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 24db279a9d0ac236670e952f910ce8187898d09ab926eea90ab7d77033f1037e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:05 GMT
last-modified: Sat, 12 Mar 2022 08:17:45 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 12274
x-request-id: cf6b4b399b25b5ae

GET
H/1.1 200
Ok mir-tv.de
favicon.yandex.net/favicon/ 1 KB
2 KB 83ms
82ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/mir-tv.de?size=32&stub=1

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

66a92410485c8fe2e9641a8f6317e825501d5f7d3469029d8549a9eac2fad370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/5378503/IL1pHHRtaL30Le3OOuVKNw/ 20 KB
20 KB 116ms
115ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5378503/IL1pHHRtaL30Le3OOuVKNw/wy300
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 19007e67578dd53e8f753357a613b20c08d2b59e22eba742d0f189e51f974283

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:05 GMT
last-modified: Wed, 02 Mar 2022 10:38:59 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 20252
x-request-id: 69e6bf412c83d435

GET
H/1.1 200
Ok ru.4game.com
favicon.yandex.net/favicon/ 533 B
746 B 165ms
81ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/ru.4game.com?size=32&stub=1

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1f6b760f8a6bf31aa7c0cb27978327821c347db6616b43d66be7b1ca682f7284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x300
avatars.mds.yandex.net/get-direct/225309/8J0YwyNEImVRJpw66v_-hg/ 16 KB
17 KB 115ms
114ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/225309/8J0YwyNEImVRJpw66v_-hg/x300
Requested by: Host: nefakt.info
URL: https://nefakt.info/290173/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: aaf8b44fb038938507a7957f6a3e4d73d8229229e6fad181136d2ef80003b751

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:05 GMT
last-modified: Tue, 30 Apr 2019 08:46:35 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 16564
x-request-id: ab1833363c4faf00

GET
H/1.1 200
Ok xcraft.ru
favicon.yandex.net/favicon/ 531 B
744 B 231ms
81ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/xcraft.ru?size=32&stub=1

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4489654fed8c9c74673842a01b843721f90f284f177ec777830a1896b67594e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nefakt.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 80ms
79ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nefakt.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 05:41:05 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:05 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 83ms
77ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nefakt.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://nefakt.info
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 06 Jun 2022 05:41:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 7F6A 105 KB
37 KB 99ms
99ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: nefakt.info
URL: https://nefakt.info/290173/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:06 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 17:39:19 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 49aa4646f1626725

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 7F6A 140 KB
50 KB 90ms
90ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

afa2263f43e53ca655d020e0a4de1c8854e5545795f2c1af2b193d3efbbcc8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:07 GMT
content-encoding: br
last-modified: Fri, 03 Jun 2022 13:26:02 GMT
etag: "6299e1ba-c7c7"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 51143
expires: Mon, 06 Jun 2022 06:41:07 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 7F6A 403 B
802 B 102ms
102ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fnefakt.info%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ba29dd2cfd66f3591529ff42c9213071c7d67ed3c093f4639ba8b840f372fadb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 1KqqEcod0U4100000000U9nJB0X-AYea8QriQFciPxVw1oLjouB9SvCOWC0J9XBg_FTuUkokYymCgOn0yKpBPonRGEAbR41UxKOWqSgO02GxGR90mCGmap7S3i9Uo9YX0c6jP3oY067jPJpB8S1m5Cm_omZIT1LCtcLaa65W-iiuYuc1OIuJI6GfamwGMiiK0HGvo... Show response
yandex.ru/an/rtbcount/ 43 B
159 B 115ms
115ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1KqqEcod0U4100000000U9nJB0X-AYea8QriQFciPxVw1oLjouB9SvCOWC0J9XBg_FTuUkokYymCgOn0yKpBPonRGEAbR41UxKOWqSgO02GxGR90mCGmap7S3i9Uo9YX0c6jP3oY067jPJpB8S1m5Cm_omZIT1LCtcLaa65W-iiuYuc1OIuJI6GfamwGMiiK0HGvo_GV25un2Vnvi4RUyXa3m-Fi_wyEF61b-Cl42N82CokGx6LM199JcK6Qvp8pWQm5ac1xMJOoQ-YdxGYpYoW-oLnGVezvagcOxrMmohjWyYUpWnC_nD4iUzvl0xDMi5olsS72T825wGBBlrjRBztVzEUNs4qMY3y-s3zaENi61DxOlsK1-MO1A-z9rirFEC3I5rWR6XfORh8MY2-pBFTLO_hA2l901ri3omosAuU35x0zUTxPlUFBsWTvAzbWnXnWypZ1nlo8ZJSnsydAszt5tCSpFyhy9HlCmfziDpTDdi7A_Sb-8dlFzyVVJYz_Op-BdStKqj38o7m3ky8ETgOJx28Fs7VkEt5eskpjaoSo0W3jz9jh?confirmTime=2100000&confirmRatio=1000000&test-tag=208357453463554&format-type=95&actual-format=3&rnd=1759581527283&pcode-active-testids=574104%2C0%2C-1&banner-sizes=eyI3MjA1NzYwNjI2MTExNjc4OSI6IjI5OHgyODgifQ%3D%3D&width=300&height=290

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nefakt.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Mon, 06 Jun 2022 05:41:07 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:07 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 7F6A 39 KB
15 KB 151ms
59ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 6069194915506431635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 05:41:07 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 7F6A
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=c5OdYpWBDJK-mLAPvYWwmA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1624416883&crd=&is_vtc=1&random=1374547091
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1624416883&crd=&is_vtc=1&random=1374547091&ipr=y

42 B
64 B

142ms
60ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1624416883&crd=&is_vtc=1&random=1374547091&ipr=y

Protocol

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1624416883&crd=&is_vtc=1&random=1374547091&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 7F6A
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=c5OdYoWBDOTImwfkjIyQDA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=919949279&crd=&is_vtc=1&random=2701389980
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=919949279&crd=&is_vtc=1&random=2701389980&ipr=y

42 B
64 B

131ms
49ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=919949279&crd=&is_vtc=1&random=2701389980&ipr=y

Protocol

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=919949279&crd=&is_vtc=1&random=2701389980&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 7F6A 3 KB
1 KB 143ms
88ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1654494067245&cv=9&fst=1654494067245&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fnefakt.info%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04df7ea57774d22c08dd023547793a96d00340c59277bcaad5a518aca4304240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 7F6A 3 KB
1 KB 108ms
54ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1654494067248&cv=9&fst=1654494067248&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fnefakt.info%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6dd355cae238ae195e8ea8d2f72123bbbf4497b4b8db600bb8b4d64a2834768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1115
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 7F6A 3 KB
1 KB 141ms
89ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1654494067250&cv=9&fst=1654494067250&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fnefakt.info%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3936bec5104bbbcb2481c33082bc101b6a8b9de39443478c3f0f3ff7f0cc4410

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 7F6A 3 KB
2 KB 104ms
54ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1654494067251&cv=9&fst=1654494067251&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fnefakt.info%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17b7c87552f98d8a5463d5190b592606d87dd13888cb7420f86ce06fb3977a25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame 7F6A 167 B
266 B 98ms
98ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fnefakt.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A198dw73ozp1lr8k77gm80%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A1620391758424%3Ahid%3A687495565%3Az%3A0%3Ai%3A20220606054107%3Aet%3A1654494067%3Ac%3A1%3Arn%3A663448164%3Arqn%3A1%3Au%3A1654494067739171143%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1654494064850%3Ads%3A0%2C141%2C75%2C2%2C0%2C0%2C%2C46%2C0%2C266%2C266%2C0%2C266%3Aco%3A0%3Ast%3A1654494067&t=gdpr()aw(1)rqnt(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d73a52ae4c6d78b256a0a3143a89412945761c2eeeaafe2bf982138aabe7c8b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 06-Jun-2022 05:41:07 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Mon, 06-Jun-2022 05:41:07 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 7F6A 43 B
100 B 90ms
90ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 05:41:07 GMT
last-modified: Fri, 03 Jun 2022 13:26:02 GMT
etag: "6299e1ba-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 06 Jun 2022 06:41:07 GMT

GET
H2 200 WOWejI_zODe0zGi091Hdn_r39LY0p0K0sW4GW8200J5mavrYnXw80WQv0h9pFNL9WQV-y0BjbEUA0o_m1G6W1k82k0R00Sa6S5Fb5H8O6oEf1pdc1BGdy28hq0Y2W8200e0A0OWAYG682mog2n3yuAmVEUO00EDh_-h0uF0B1k0DWe20WO20W8W4c0xmxlcUeBADY... Show response
yandex.ru/an/count/ 43 B
84 B 114ms
114ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WOWejI_zODe0zGi091Hdn_r39LY0p0K0sW4GW8200J5mavrYnXw80WQv0h9pFNL9WQV-y0BjbEUA0o_m1G6W1k82k0R00Sa6S5Fb5H8O6oEf1pdc1BGdy28hq0Y2W8200e0A0OWAYG682mog2n3yuAmVEUO00EDh_-h0uF0B1k0DWe20WO20W8W4c0xmxlcUeBADYqse3xdCizpxXBoHAv0Gll_CpuI_pkYp0VWG4-F1gGdm4XC11E0K0TWLmOhsxAEFlFnZy9WMyBtjamQW5l3YvfG6oHRmFzWMWHUe5msP6D0O8VWOgkwMjP6WeTCfW1c96RFa20000000k1d_0S0PyAwOpVEkavC2qXaIUM5YSrzpPN9sPN8lSZOsEIqpw1ci0l0PWC83c1hKmrEm6qYu6mE270rXQq8wIqT4Dqn9RretwHo07Vz_W20WY2024W1Ro8YK4t8AHYWn502Jl1pIRBmpP68iBbib8rX0kqHsdgcF-i2CWceDAjREUN1tZl8S0f9cKZEC9W00~1=WlCejI_zO8m2JHS0T2YE6FUlZ0EqYxcspTcxmB81W060oyVkijZCbGM80UMikEwH0P01whtuYDk0W802c07glVY8Mw01whke0Ugx-8XRk06-peZS9DW1iiVcfW7W0RhUgQ01mgxUlW6W0gAEgHcm0mA818W5hwGRa0NyjYkm1QQ52xW5feKBgBK4u0MK0PW6c9M5cGge1k82k0U01T070jW74E07XWhn1m000032W806u0YHnzGCw0dmFyaAxCEN4XGN0a3P2pdc1BGdy28hw0klf1k83AojvBu1gGpc3tp8FqpZF-WCcmQO3QRmAp-G3e3gCA0EYDiWsG-04DdXsoECW0AO4UcT8-0HlD_R1UWHklNxb_7N_uieW2lFG4rXE-AVzyu_c1C4g1F-shNItxBy-XRW4wQ52u0KW82018WKlUJ_vikGXTAE0Q0KfeKBg1JyjYletPG6w1IC0j0LiEZTb0RO5S6AzkoZZxpyOvWMyBtjamQW5l3YvfG6i1QG1iaMq1QihUI-0TWMll_CpuI_pkYp0O4Nc1VBtlOjk1S1m1UrbW7O5y24FU0Nmwdab0Re5mJu5xsZvvG6cHYW60Um6928zfG6k1WL-1YgxfQraQ2Xqoc06OaPi-IW6S01k1d_0U0P1EWPh0Bm6O320u4Q__-lqfIh0Lc86i24FPWQrCDJk1e3zHe10000c1ldW32m6qYu6mFO6u08eHm00030yeRCFwaS00Z0iHnx5Av7uNg4lxb0s1olf1lW7FosA-dmF_4S0000wEcJn3-07V__VvaTo1s8so2H7gWU0T0Use-VbA_HrwXKs1xwsXwW7zdXsoEm7m787zcZirFI7mOrEJ4oCZU0822880Am88I08E0W0Hy0Hn4Zb6WACnJ8oKrw0zo38zkerI0sNXcEYf10oNNB4Ffs_VZjR23vCXqMiTdhfXLn6BgaB1H-k8o0lYu8DH0rGavWZ9HeM0G8oz9p384KpRXe4bWKiDantDJCCDWcYW00~1?stat-id=6&test-tag=3586057174023697&banner-sizes=eyI3MjA1NzYwNjI2MTExNjc4OSI6IjI5OHgyODgifQ%3D%3D&format-type=95&actual-format=3&pcodever=591227&banner-test-tags=eyI3MjA1NzYwNjI2MTExNjc4OSI6IjU3MzkzIn0%3D&pcode-active-testids=574104%2C0%2C-1&width=300&height=290&confirmTime=2112000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nefakt.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Mon, 06 Jun 2022 05:41:07 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:07 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 7F6A 42 B
108 B 161ms
58ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1654494067251&cv=9&fst=1654491600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fnefakt.info%2F&async=1&fmt=3&is_vtc=1&random=2577012797&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 7F6A 42 B
108 B 153ms
50ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1654494067251&cv=9&fst=1654491600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fnefakt.info%2F&async=1&fmt=3&is_vtc=1&random=2577012797&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 7F6A 42 B
108 B 163ms
60ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1654494067248&cv=9&fst=1654491600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fnefakt.info%2F&async=1&fmt=3&is_vtc=1&random=1351394879&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 7F6A 42 B
548 B 150ms
48ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1654494067248&cv=9&fst=1654491600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fnefakt.info%2F&async=1&fmt=3&is_vtc=1&random=1351394879&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 7F6A 350 B
385 B 98ms
98ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fnefakt.info%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A198dw73ozp1lr8k77gm80%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A1%3Als%3A929612294787%3Ahid%3A687495565%3Az%3A0%3Ai%3A20220606054107%3Aet%3A1654494067%3Ac%3A1%3Arn%3A326995503%3Arqn%3A1%3Au%3A1654494067739171143%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1654494064850%3Ads%3A0%2C141%2C75%2C2%2C0%2C0%2C%2C46%2C0%2C266%2C266%2C0%2C266%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654494067%3At%3A&t=gdpr(6)lt(5300)aw(1)rqnt(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

03706fa4ab20469d8bef253c7362ff46c05a7fc0120764461a3a87d1f1d9c76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 06-Jun-2022 05:41:07 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Mon, 06-Jun-2022 05:41:07 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 7F6A 42 B
548 B 123ms
55ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1654494067245&cv=9&fst=1654491600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fnefakt.info%2F&async=1&fmt=3&is_vtc=1&random=1501878578&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 7F6A 42 B
108 B 120ms
53ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1654494067245&cv=9&fst=1654491600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fnefakt.info%2F&async=1&fmt=3&is_vtc=1&random=1501878578&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 7F6A 42 B
108 B 130ms
63ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1654494067250&cv=9&fst=1654491600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fnefakt.info%2F&async=1&fmt=3&is_vtc=1&random=654020829&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 7F6A 42 B
108 B 58ms
58ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1654494067250&cv=9&fst=1654491600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fnefakt.info%2F&async=1&fmt=3&is_vtc=1&random=654020829&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1TxOGE6X0UC100000000U9nJBDZE_JD9UhcWeUMp5mAs7vIqBGicpqrY009Fc4ZepV3uqDXT5vaPKXc1ufcMpzQmWyHBMO6yser0efKn0KXsWcI1W8bX9kCyAGXx8UCl4GXh9UD38GXhBsF2F1Q6es3-MKQGfgjWyYuZWmm3qr_6MKmC37EPG29BcGA0r5ec2I1vb... Show response
yandex.ru/an/rtbcount/ 43 B
84 B 100ms
100ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1TxOGE6X0UC100000000U9nJBDZE_JD9UhcWeUMp5mAs7vIqBGicpqrY009Fc4ZepV3uqDXT5vaPKXc1ufcMpzQmWyHBMO6yser0efKn0KXsWcI1W8bX9kCyAGXx8UCl4GXh9UD38GXhBsF2F1Q6es3-MKQGfgjWyYuZWmm3qr_6MKmC37EPG29BcGA0r5ec2I1vbka_4BnY4lYoBEEZvJC6Xg83BAyFF61b-Cl42N82CyWrlSoAG78gCqZpN6OcaBL0KW5aAyj6PWtzj1rXTX759vaBokynJp8LyxqALdaNJFvaTd3YXpYQPTlxRM3M2fPvfXjO67UmC1rWORh0yk_MraltD_tv9NQJ1UAL3_OFMSwU0O4tzczPG1vQmCfxadNp4mwmz0NMXeO6bfki1UBBBCjzrPY-ieByqC7Mm3A3xShXu0LiJvvtTk_uilP1taesc347s3nEi34_OkDDp7QoCdLCj_3np8yoVya6i_0dd3MHlUVxus-dbx-ndyNEPcffQ6Hale5TOGSxymbsaGViwxPjNBz-RtixBm37ifXl?confirmTime=2100000&confirmRatio=1000000&test-tag=208357453463554&format-type=95&actual-format=3&rnd=4243095851421&pcode-active-testids=574104%2C0%2C-1&banner-sizes=eyI3MjA1NzYwNjI3ODE2MTE3OSI6IjIzOHgyODgiLCI3MjA1NzYwNTg2MTExOTg5MCI6IjIzOHgyODgiLCI3MjA1NzYwMzI0MDgzNTgzMiI6IjIzOHgyODgifQ%3D%3D&width=730&height=290

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nefakt.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Mon, 06 Jun 2022 05:41:07 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:07 GMT

GET
H2 200 WNWejI_zODK0TGi0b19LNrVPKDF7UmK0rG4GW8200J5mavrYnXw80WMv0h9pFNL9WQV-y0AsqwtUB_050Q06uWAu1i01oGPmjmlvOXkd4Qa7EUQi1ptm8Ylu2geB4FIcQF4vvW00Si04wy3Wy0i6u0s2W821W820Y0IO3l3k-PwWiesBJQWFkSoZXz67l94ha12-_... Show response
yandex.ru/an/count/ 43 B
84 B 115ms
114ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WNWejI_zODK0TGi0b19LNrVPKDF7UmK0rG4GW8200J5mavrYnXw80WMv0h9pFNL9WQV-y0AsqwtUB_050Q06uWAu1i01oGPmjmlvOXkd4Qa7EUQi1ptm8Ylu2geB4FIcQF4vvW00Si04wy3Wy0i6u0s2W821W820Y0IO3l3k-PwWiesBJQWFkSoZXz67l94ha12-_ypFXB_EwBC1-10Juy6f2V0I4m44u1G1s1N1YlRieu-y_6Fme1RmukQK1iaMy3_O5e4Ng1SDcHZG627u6AhkbhMHeA7JAO0PYHcpvBWP_m706V2kcCtphfEJ0j8P4dbXOdDVSsLoTcLoBt8sDZajC-WPsWNm6O320vWQrCDJi1j8k1i3WXmDOMj2EZL1PpXCIMzQD-aS003mFu0T_t-0822880CL05l8Gi0QFv3sm6fa6ouB9j4v1Bzuas5Y72vRDIDOGBj6TfwnZ_h0b89g3PgrSm9WLs8k_54Ot9sZa0SNAzUaPXXY~1=WpOejI_zOCS2PHa0L2s_SCMNnmEqYxcspTcxmB81W041Y075gytrTv01jeoPcTk0W802c06sZ9cPMw01jAW1jBW1Y9JIaIBO0U3jx9e1u076w-oQ0UW1Z0Fu0TQothu1e0B4XvKOm08Bi0C2w0I01uW5lCyPa0N-Xnkm1V-t2hW5_xSAm0NLynJ81Vg72D05ek02u0MK0PW6bBVXLgW6uWAm1u20a3ou1u05q0SMs0SGu0Ua3_470CA2W0RW2EB3YWpe2GV92lqxwqaglVG_sGivvgm7FV0YA-WBlCyPY0pCWj--0QaCQE1Ib5Vuxp_e39i6c0svxIi_e0xZrGJP3u0GyFJU7Q0Wq12-XQzVeH41u16stzi5w16GsDARv_kEfKQUka1fVqg4pXUwFvWJ1AWJ_jgrqj-o_FeMu1F_jmg05820W0I85D_qYRYTaPN1q06W5F-t2gWK_eSRm1I0w98cYulZb0Re58m2q1MBY-EK1jWLmOhsxAEFlFnZe1RmukQK1h0Ma0R95j0Mp8BVlW7O5hx_pC-4lyxeim615m3mFvWNcgJPBBWN0S0NjPO1q1VGXWFO5uxxFEWN19aOe1WIi1YGYFQK1hWO6VWOgkwMjP6WeTCfW1c96RFae1d00RWP____0U0P1EWPsWNm6O320u4Q___Boj0ibc-86i24FPWQrCDJk1e2zHe10000c1lO_I-m6qYu6mFO6u08wHi000303fCvGV0Rqfw90lWRwPRy0Q4S0000813zvx-f70Z0iHnx5Av7uNg4Fxb0s1oypndW7Fw76-dmF_4S0000u7A1ip-07Vz_cHt87S24FU0TeS85w1tvy-xTnDQWhnBm7UNtzSB8rg2l4lWTYPpY-v7IZyq-aHwe7W7O7lpQ7eWV____0Q0VyFJU7R0V0SWVyBQsJT8V1ZKvCJ8oDzaV0000095OE47W7-c__07e7zJVxm60822880Em88I08E0W0Hq0KmpK9f0Yb6GXanN8oGrvJ_J6-IW6T6ariZsMWG8J2VU2QmZTitxc1ZOyjvSS_D9dtSYkPo6oKE7XBW8g46mU28jTjWxo484yS5mQO5rg4Xri4t00~1=Wo4ejI_zOAa2lHW012j858wQgGFAYjJQfjEyvOi1W041Y06E-uFQPv01fDwyYzY0W802c06athoBMA01zDoe0VJSl8jOk072pUAn8TW1k9URc07W0OZFomte0LZu0PIwthu1c0B0m-8Fe0B0WE89m08Be0C4i0C2YmM81V7X7f05qkWZi0NBZGcu1SkD2S05qOyHo0MPhGJG1PtI0-05bAW6uWAu1u05q0SMs0SGu0U62l4700000CA2W0RW2A20yGJe2GURLu-N9ty1GCdu2e2r6DaBEUQi1ptm8Yle2_7X7eWCi9i6c0svxIkmFg0Em8GzW13SYROSmB0GeH41u16stzi5w16GsDARv_kEfKQUka1Ch_1o7Ux9FvWJ1AWJ_jgrqj-o_FeMu1FBZGc05820W0I85D_qYRYTaPN1q06W5CkD2QWKqkWZi1JhhR09k1I0c-u2m1I0xBYfmVX7s1JixOsH1kWKZ0BG5UpjZP46s1N1YlRieu-y_6EW5l3YvfG6i1QG1iaMq1QmuTw-0TWMll_CpuI_pkYp0O4Nc1V5XfiFk1S1m1UrbW7G5z260zWNjB0ww1SZcHYW60km6928zfG6k1Z20lWOgkwMjP6WeTCfW1c96RFae1d00RWP____0U0P8-WPsWNm6O320u4Q__yhGz6sBoo86i24FP0QW0YO6jJ3Kw0QfwR1q_EDlg0ok1e1zHe10000c1lO_I-m6qYu6mFO6u08wHi0001Wml0LGV0RewPM-1llgGRO7F7X7k0SqkWZwHpn70000E1oWRC_W1t_VvaTo1t0X3tW7SUHaGUH7gWU0T0UmlBppxApkvNK0TWU-jeUY1____y1e1_SYROSi1y2o1_SourCqXy6DJanCZ8tsHy000303L8GGU0VwfX0w1_5XWA0822880Ef8B0WX80Wu2018028IX3egz4qHRvGGWoMSuKPOb2A0MzQZRoFomWfaWCbrrD3D49kCOueR23ZB-KDfWJ0aRCoGyWgU1K2CW9g8B058J6_YNKq4beEJeeHdoEG2M1NqdCC0ig252K975irimws2JW0~1=WoaejI_zOAi2_HW0f2jL3QcHgmEWYzovzvxrfVe1W07WWDU21uW1-upgfawG0V3hoSZ4W8200fW1yEl9o4IW0Spag07CvCd8HBW1ZflOkn_O0QAlsX_W0TxHc1_e0PG3-07eYzw-0Q02qAsA2g031h03wmI81UhK8905cfKXi0MbjmYu1QMt2C05pwXJo0MibnNG1Tkl0-05bAW6uWAu1u05q0S2s0SGu0U62l4700000CA0W0RW2EYMXGNe2Nup3_f7AT0_oVWAWBKOsGivvgm7FV0YA-WBwjGWY0p6lEA-0UWCcmQO3RdjAt0ze0x0X3s049cAZHcQ41i9G0JvFnd84C2G4A4H0U0Hjj_R1UWHaDZIc-VxZgL6dhf0Ys7o51IQr3-O4mIe4_xQjTBVilpw5k0JfRS8Y1JVz8cudP6LmT01e1IbjmYe59gL8R0KbVUm6BWKW9Eu1yWK0j0KbSp50TWKXOQiaGRe58m2q1M5XgoH1jWLmOhsxAEFlFnZe1RmukQK1h0Ma0Qu5W705c395l0_q1R6lEA-0TWMll_CpuI_pkYp0O4Nc1VZcFudk1S1m1UrbW7G5z260zWNa94yw1S3cHYW60km6928zfG6k1Wh-1YgxfQraQ2Xqoc06OaPi-IW6S01k1d___y1u1a3w1dQ1V0PWC83WHh__wlyHjmxW8WQm8Gzc1hKmrEW6lgSn8xPmj-4iW6u6W7r6W40002O6zZzBx0RIBWR0zWRW0Zf6m00000EJcf1y1l1zEuP-1k1wj01s1pgr23W79gL8UaSyHm0003WSe6pFu0T_t-P7SWTm8Gzu1sXmWMH7gWU0T0UkCEQdxlhke7-0TWU-jeUY1____y1e1-PYeqPi1y3o1_Hb-qFqXy6DJanCZ8tsHy00010n8D8GU0VsxA31kWVmOqOW20WY203gI2m88I08E0W0I00AKiGoAlHc299A245owcw334hnO0whKPsyCe8AP839SBEcH6P3MHCfhpBb00zSkOroHJ3oU3co7vND-0YLeE6wK1uZuFgKnCOGxe8P0BOHVGSW-2n80LmfNJUhfbri4t00G00~1?stat-id=5&test-tag=208357453495857&banner-sizes=eyI3MjA1NzYwNjI3ODE2MTE3OSI6IjIzOHgyODgiLCI3MjA1NzYwNTg2MTExOTg5MCI6IjIzOHgyODgiLCI3MjA1NzYwMzI0MDgzNTgzMiI6IjIzOHgyODgifQ%3D%3D&format-type=95&actual-format=3&pcodever=591227&banner-test-tags=eyI3MjA1NzYwNjI3ODE2MTE3OSI6IjU3MzYxIiwiNzIwNTc2MDU4NjExMTk4OTAiOiI1NzM5NCIsIjcyMDU3NjAzMjQwODM1ODMyIjoiNTczNjMifQ%3D%3D&pcode-active-testids=574104%2C0%2C-1&width=730&height=290&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nefakt.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 05:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://nefakt.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Mon, 06 Jun 2022 05:41:07 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jun 2022 05:41:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 03:36:20	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 03:43:32	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 03:36:20	Name: pcs3 Value: 1
nefakt.info/	1969-12-31 23:59:59	Name: flat_r_mb Value: %2F%2F%2F%3Adirect
.nefakt.info/	1969-12-31 23:59:59	Name: surfer_uuid Value: 7abdee7a-0cde-4f6e-bcd5-8774c04860b2
.nefakt.info/	1969-12-31 23:59:59	Name: la_page_depth Value: %7B%22last%22%3A%22https%3A%2F%2Fnefakt.info%2F290173%2F%22%2C%22depth%22%3A1%7D
.nefakt.info/	1969-12-31 23:59:59	Name: page_load_uuid Value: b7fba1a6-f2d7-44af-a00f-0b9e359cb26c
.nefakt.info/	1970-01-20 12:20:30	Name: _ym_uid Value: 1654494064580324734
.nefakt.info/	1970-01-20 12:20:30	Name: _ym_d Value: 1654494064
.mc.yandex.com/	1970-01-20 03:34:54	Name: sync_cookie_csrf Value: 2958876066fake
.nefakt.info/	1970-01-20 03:36:06	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 03:34:54	Name: sync_cookie_csrf Value: 270552385fake
.yandex.com/	1970-01-20 12:20:30	Name: ymex Value: 1686030064.yrts.1654494064#1686030064.yrtsi.1654494064
.yandex.com/	1970-01-20 12:20:30	Name: yandexuid Value: 1941743811654494064
.yandex.com/	1970-01-20 12:20:30	Name: yuidss Value: 1941743811654494064
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2621547021654494064
.yandex.com/	1970-01-23 19:10:54	Name: i Value: BL9XzRxQ1VFVHYw8j/6o+3RgyPqvYuNXg7TfprjWsJBtg/bHitaHl9g9f4Jnm1PNdcJEnMX3WuiIiusZdMn6Nfnk7WQ=
.yandex.ru/	1970-01-23 19:10:54	Name: yandexuid Value: 9929952561654494065
.betweendigital.com/	1970-01-20 12:20:30	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 12:20:30	Name: tuuid Value: f250a8f0-f1de-529d-b257-437cd0cad00d
.betweendigital.com/	1970-01-20 12:20:30	Name: ss Value: 1
.acint.net/	1970-01-20 03:34:54	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWKdk3EdaAAgRi+tAm5mMPKcSZj56tVFLv/2NJByeAEe
.acint.net/	1970-01-20 04:18:06	Name: cSyncDp14v3 Value: 1654494065
.yandex.ru/	1970-01-23 19:10:54	Name: yuidss Value: 9929952561654494065
.dmg.digitaltarget.ru/	1970-01-21 05:30:06	Name: viuserid Value: P2BNbahLnr.bUEb7jnzV
.yandex.ru/	1970-01-20 21:06:06	Name: i Value: pNKo5fh5UuHo/3wd+igKOb/R3dFl1uvwwfv4KoqoBuFPrkVTYwk2S/FiyM0b2HzZl5kiRyAJvSheMxrorbEUIxy+5Bo=
.tns-counter.ru/	1970-01-20 12:20:30	Name: guid Value: 49AB681D629D9371X1654494065
.betweendigital.com/	1970-01-20 12:20:30	Name: ut Value: Yp2TcQAFwKh1L-KwoHC5fKFP66BJ3kqR7DxEKA==
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWKdk3Ff8AAli4E1AjkyaSF5qxVO9bdCA7uUA0LI/NaM
.weborama.fr/	1970-01-20 13:00:49	Name: AFFICHE_W Value: TUeu9Cqssu5N38
.uuidksinc.net/	1970-01-20 12:20:30	Name: jcsuuid Value: oLHanCLZzYuRwbqQeZWE
.demdex.net/	1970-01-20 07:54:06	Name: demdex Value: 38882869358967704270008982093932352984
.doubleclick.net/	1970-01-20 12:56:30	Name: IDE Value: AHWqTUlyFVNk-3KxPSOACimW9MnaLlIbSVzM7DrYSmUQ85zbq6rJXpk0NYo4SDGn54g
.sonar.semantiqo.com/	1970-01-22 00:13:18	Name: semantiqo_a Value: 21aa2b678226486d8d2c851ab82c7648
.sonar.semantiqo.com/	1970-01-20 12:30:34	Name: check Value: 694a51da91824e31aac4941461eedc6d
.adx.opera.com/	1970-01-20 04:18:06	Name: UID Value: 97ccfb11efbe42738858a76782abc1e8
.mts.ru/	1970-01-20 12:07:32	Name: dspid Value: ce732517-204f-4a0b-9a97-251ba6948384
.dpm.demdex.net/	1970-01-20 07:54:06	Name: dpm Value: 38882869358967704270008982093932352984
.1dmp.io/	1970-01-20 12:20:30	Name: uid Value: 42399f60-e55b-11ec-ad67-f832e4719dd9
.adhigh.net/	1970-01-20 12:20:30	Name: gi_u Value: eTZb8DeV23j.AikABlGBN4f0Yg
.1dmp.io/	1970-01-20 03:34:54	Name: ru-seq Value: null
.adhigh.net/	1970-01-20 12:20:30	Name: yandexssp_sync Value: jJV
.upravel.com/	1970-01-20 03:34:54	Name: session_tptc Value: 1654494065879
.upravel.com/	1970-01-23 19:10:54	Name: user_id Value: df089091-d683-4852-963b-dcc68ddcd0f8
.mts.ru/	1970-01-23 17:58:54	Name: mts_id Value: 56d64f1c-9c31-4e7a-8bff-86881504f2eb
.mts.ru/	1970-01-23 17:58:54	Name: mts_id_last_sync Value: 1654494065
.aidata.io/	1970-01-20 21:06:06	Name: __upin Value: eDL4sqFG1GMiAjqSQVe5nw
.aidata.io/	1970-01-20 21:06:06	Name: __upints Value: 1654494065
x01.aidata.io/	1970-01-20 03:44:58	Name: yaya Value: 1
.rutarget.ru/	1970-01-20 07:54:06	Name: userId Value: gFlfQTkJaJSO
.yandex.ru/	1970-01-20 21:06:06	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 21:06:06	Name: is_gdpr_b Value: CMrGBxCQdxgB

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nefakt.info/wp-content/uploads/2014/05/stroyka_3_02-300x200.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9661.DXIlwBRu-lyebYeGelQFS1qO0o1DXcUNPrPSgjcPIsZaacWEnrFoMAU5nfMNkCsPJS87nro--Vh9nTfrEpSwWA%2C%2C.5iyeQbzcn_D7caFYIS55a0bsSTQ%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://an.yandex.ru/mapuid/SAPEis/0100007F71939D622000681D02AD2F46 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acint.net
ads.betweendigital.com
an.yandex.ru
avatars.mds.yandex.net
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
df089091-d683-4852-963b-dcc68ddcd0f8.sync.upravel.com
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
exchange.buzzoola.com
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jlzbnl.com
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
nefakt.info
profile.ssp.rambler.ru
px.adhigh.net
redirect.frontend.weborama.fr
s.uuidksinc.net
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
www.google.com
www.google.de
www.googleadservices.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
mitdmp.whiteboxdigital.ru
116.202.128.114
116.202.85.93
142.250.185.194
142.250.186.130
144.76.118.200
176.9.8.252
185.15.175.144
188.42.196.115
188.72.107.194
193.232.150.45
2001:6d0:4001::226
213.87.44.187
217.65.2.150
217.66.147.164
2a00:1450:4001:801::2003
2a00:1450:4001:808::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2003
2a00:1450:4001:830::200a
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
31.172.81.160
31.220.27.135
35.190.24.218
37.18.16.16
45.9.24.193
46.4.121.26
5.188.57.51
52.215.108.43
62.76.25.28
81.222.128.214
82.145.213.8
88.198.16.238
88.212.202.52
89.108.120.68
91.192.148.30
95.216.101.186
95.217.109.66
03706fa4ab20469d8bef253c7362ff46c05a7fc0120764461a3a87d1f1d9c76f
04df7ea57774d22c08dd023547793a96d00340c59277bcaad5a518aca4304240
0e0f01b969676f91d7d39f1fc59e27d24a4f97c69f961e4bfa4c0d4e9c07660c
14b2d3f91d00f7e40e1beb94b4e176917907986fd7e66e2a4909f5f3c3db6fc4
162e3c1418cb635269ebc9cc02c681d0a356371d99dd862c078eb17d095138de
1635bc26e991d74529fe20db6a0e4fa4e11d1a315e4c6527e78ebe405b47dc63
177de7c18ac7e99755daef737d58968c643b313b327632184df9e77b9af188b9
17b7c87552f98d8a5463d5190b592606d87dd13888cb7420f86ce06fb3977a25
17df1f2891553baf6c74c4eef8cd0dd9fb73a5669f9f89d67183a8bfe41acfd2
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
19007e67578dd53e8f753357a613b20c08d2b59e22eba742d0f189e51f974283
1f6b760f8a6bf31aa7c0cb27978327821c347db6616b43d66be7b1ca682f7284
24db279a9d0ac236670e952f910ce8187898d09ab926eea90ab7d77033f1037e
255df06063ef8b4f994c1ae9d232d7c4f27c95b853a68fd9c03e31f4dd6b0031
2995be1b6599e3bedc1ef6a75799b6381cc8960431ccc3fd0898710870723e80
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cee782ee4d506975d017aae6b711462d6ae80e70a83dd42a6d86a59173704aa
2fdd4cc68b67f4242492a8e9d6627ff6822621e6695f08a41d49d214816d48a8
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
38a61e6b58ed70212156c4a6c51cc3ecb421b3e0692f3055ed0b740b742bd17a
3936bec5104bbbcb2481c33082bc101b6a8b9de39443478c3f0f3ff7f0cc4410
3ec3b46bd559eb524c7301c8ce3d90f479b249c96cc7b28e235b4a9ab577059e
401503518894f575673732c689a7885c78bb615900c0c3f726765eb4ce6aa799
4083cccccc99ac4bfba67250c3ae25010c336dce07cd29a4144f70c712bfb04b
4192547933c47032776c86cc04805a86655e4580d0c82b46787a120fcd96c146
4489654fed8c9c74673842a01b843721f90f284f177ec777830a1896b67594e6
4a00550e3daa88e365c0c91b179721198cb4152f1a6143981fcfb41cf582401c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b57f2085cb8eaa2a6985da8d96a71350afdda0619a470f966dc0d39bd1b2bfe
630926739cd402f9f898e468555e2ba2e79db538919ef0879119b8e4cc796075
639eedb19aefd64d30dc800c3cf5961057f54327168a97236db76a58b76d8be8
66a92410485c8fe2e9641a8f6317e825501d5f7d3469029d8549a9eac2fad370
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6e9cca040634f071c068f7f483dfeef82d8589b4082c8cbdc5301951647ba71b
71fe123751681d7aadfac82f6110323fe52bb091f433be66d282249699f4582b
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
93a1679cf7d6af1e698e3712191d26fb7aa77ea00cfa2df453d05e0964b32b5d
973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde
99e3e1f170fcf7976ae941f94285fa069a9000798509f545b8fb100a32cd5bef
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
a0d7e666607d2dae2ca26971f846f6b1d12b6a71dee622c1bc44acb18741e435
a3c335f5d402a4c3f99bb54da373a324c0a40ebe18bd68d2adcff8892bfbea5b
a71b44ca2df83ed8deeeafb7d45d6ea614a6a9e9632d239c88774e74a7d56d21
a7e37ef7d56b5113569cdf319545a0c98293f39e1d5cec35fd39e613f807eb6f
aaf8b44fb038938507a7957f6a3e4d73d8229229e6fad181136d2ef80003b751
afa2263f43e53ca655d020e0a4de1c8854e5545795f2c1af2b193d3efbbcc8f2
b345abe33a4f53c748b8b6858bbe2c0380add9fbbec748044d2e76d6f0bd681d
b5f92e1710378e03286e4e83457c515702902b0a7f72a8dcee69341eb59ed994
ba29dd2cfd66f3591529ff42c9213071c7d67ed3c093f4639ba8b840f372fadb
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
befe2a3930a23b6abad4df39ee8470c0d5cd1b2cb287f52446c177c264398804
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c95b3702ba55678b1f75d093df195e6455b38ed5fa467bac7deea152c7262bc7
ce29617437dd18739d6ae9d119ff943623838d35e23f4657c651ee40a066ac35
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d53b024c49f4d2cbf4105c1886af5682bc95393d52f13bb3e7f5eab398250a59
d5aab9ecebd2bc2f003980fdde59b97aad0fd105312d99fa50fcab580099aaf3
d6dd355cae238ae195e8ea8d2f72123bbbf4497b4b8db600bb8b4d64a2834768
d73a52ae4c6d78b256a0a3143a89412945761c2eeeaafe2bf982138aabe7c8b3
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8246c4b7ab5e537bcc6bac6571880ba0ae6f809e3be6fa94beecb53111073e5
e88d143d8b60486155fe7c8f308519df536e29ee28c4c4e2daba3067e9a5219a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd67d73fc9cb57580ae9ba6289e208ae518a660f1c72a13f13150b20bad4690e

nefakt.info Open in urlscan Pro 5.188.57.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

114 Requests

75 %HTTPS

30 %IPv6

37 Domains

45 Subdomains

24 IPs

9 Countries

1043 kBTransfer

2669 kBSize

53 Cookies

4 Outgoing links

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

nefakt.info Open in urlscan Pro
5.188.57.51 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

75 %
HTTPS

30 %
IPv6

37
Domains

45
Subdomains

24
IPs

9
Countries

1043 kB
Transfer

2669 kB
Size

53
Cookies

114 HTTP transactions
6 data transactions