sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com Open in urlscan Pro
65.21.188.212  Public Scan

URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Submission: On January 04 via api from US — Scanned from US

Summary

This website contacted 18 IPs in 4 countries across 12 domains to perform 57 HTTP transactions. The main IP is 65.21.188.212, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com.
This is the only time sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 65.21.188.212 24940 (HETZNER-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
16 185.143.233.200 205585 (ARVANCLOU...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.106.49 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 185.166.104.3 202319 (CAFEBAZAAR)
6 45.94.254.24 48551 (SINDAD)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 185.143.233.120 205585 (ARVANCLOU...)
4 185.143.234.120 205585 (ARVANCLOU...)
1 45.94.255.25 48551 (SINDAD)
1 3.248.28.17 16509 (AMAZON-02)
1 46.245.80.243 43754 (ASIATECH)
57 18
Apex Domain
Subdomains
Transfer
16 arvancloud.ir
www.arvancloud.ir
1 MB
13 pinepage.com
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
32 KB
7 mediaad.org
s1.mediaad.org — Cisco Umbrella Rank: 101091
mediacdn.mediaad.org — Cisco Umbrella Rank: 54958
api.mediaad.org — Cisco Umbrella Rank: 91132
52 KB
6 yektanet.com
cdn.yektanet.com — Cisco Umbrella Rank: 48028
audience.yektanet.com — Cisco Umbrella Rank: 53123
ua.yektanet.com — Cisco Umbrella Rank: 52481
18 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 266
www.google.com — Cisco Umbrella Rank: 6
852 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
192 KB
2 pingdom.net
rum-static.pingdom.net — Cisco Umbrella Rank: 9936
rum-collector-2.pingdom.net — Cisco Umbrella Rank: 9116
3 KB
1 pegah.tech
ma-cdn.pegah.tech — Cisco Umbrella Rank: 100147
2 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1326
2 KB
1 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1202
4 KB
57 12
Domain Requested by
16 www.arvancloud.ir sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
13 sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
5 api.mediaad.org s1.mediaad.org
4 ua.yektanet.com cdn.yektanet.com
ua.yektanet.com
2 www.google.com sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
www.googletagmanager.com
1 mediacdn.mediaad.org s1.mediaad.org
1 rum-collector-2.pingdom.net s1.mediaad.org
1 ma-cdn.pegah.tech s1.mediaad.org
1 audience.yektanet.com cdn.yektanet.com
1 analytics.google.com www.googletagmanager.com
1 unpkg.com www.googletagmanager.com
1 s1.mediaad.org www.googletagmanager.com
1 cdn.yektanet.com sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 rum-static.pingdom.net sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
57 19
Subject Issuer Validity Valid
arvancloud.ir
R3
2023-10-18 -
2024-01-16
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
cdn.yektanet.com
R3
2023-12-25 -
2024-03-24
3 months crt.sh
*.mediaad.org
R3
2023-12-02 -
2024-03-01
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
yektanet.com
R3
2023-10-15 -
2024-01-13
3 months crt.sh
*.pegah.tech
R3
2023-11-20 -
2024-02-18
3 months crt.sh

This page contains 3 frames:

Primary Page: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Frame ID: 9A69D3EBF508A99593CAEC8D3704F06E
Requests: 52 HTTP requests in this frame

Frame: https://ua.yektanet.com/cookie/iframe/
Frame ID: 2939D7A1C368DEF2EC95625F47CCF932
Requests: 2 HTTP requests in this frame

Frame: https://mediacdn.mediaad.org/static/fingerprint.html
Frame ID: F2578DCDB766D3F9A3697CF37542AC9D
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

ArvanCloud | Unified Cloud Infrastructure

Detected technologies

Overall confidence: 75%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

57
Requests

74 %
HTTPS

44 %
IPv6

12
Domains

19
Subdomains

18
IPs

4
Countries

1748 kB
Transfer

5539 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
216 KB
31 KB
Document
General
Full URL
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
HTTP/1.1
Server
65.21.188.212 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.188.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e0b68115a6bccc61f7955252aac67dbe527490c61b522582eed110d9b4abb1cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 04 Jan 2024 06:29:35 GMT
ETag
W/"65842e87-35f68"
Last-Modified
Thu, 21 Dec 2023 12:24:39 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
arvan.css
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/css/
0
0
Stylesheet
General
Full URL
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/css/arvan.css?id=454425d97c8ddd768d2eb96fb1789ace
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
HTTP/1.1
Server
65.21.188.212 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.188.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 06:29:35 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
fonts-lato.css
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/css/
0
0
Stylesheet
General
Full URL
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/css/fonts-lato.css?id=17879d228e5a2faa67a25cac402ec4d9
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
HTTP/1.1
Server
65.21.188.212 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.188.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 06:29:35 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
Lato-Medium.ttf
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/Lato/
0
0
Font
General
Full URL
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/Lato/Lato-Medium.ttf?v=970802
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
HTTP/1.1
Server
65.21.188.212 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.188.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 06:29:35 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
Lato-Bold.ttf
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/Lato/
0
0
Font
General
Full URL
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/Lato/Lato-Bold.ttf?v=970802
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
HTTP/1.1
Server
65.21.188.212 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.188.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 06:29:35 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
Lato-Light.ttf
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/Lato/
0
0
Font
General
Full URL
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/Lato/Lato-Light.ttf?v=970802
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
HTTP/1.1
Server
65.21.188.212 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.188.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 06:29:35 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
font-dmsans.css
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/css/
0
0
Stylesheet
General
Full URL
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/css/font-dmsans.css?id=d01727b8bc71f41d920bd9ff94bd2303
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
HTTP/1.1
Server
65.21.188.212 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.188.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 06:29:35 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
DMSans-Regular.ttf
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/dm_sans/
0
0
Font
General
Full URL
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/dm_sans/DMSans-Regular.ttf
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
HTTP/1.1
Server
65.21.188.212 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.188.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 06:29:35 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
DMSans-Medium.ttf
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/dm_sans/
0
0
Font
General
Full URL
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/dm_sans/DMSans-Medium.ttf
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
HTTP/1.1
Server
65.21.188.212 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.188.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 06:29:35 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
DMSans-Bold.ttf
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/dm_sans/
0
0
Font
General
Full URL
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/dm_sans/DMSans-Bold.ttf
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
HTTP/1.1
Server
65.21.188.212 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.188.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 06:29:35 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
arvan.js
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/js/
0
0
Script
General
Full URL
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/js/arvan.js?id=18a9b8941aa80b1da6c0c1d5e24b2d5c
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
HTTP/1.1
Server
65.21.188.212 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.188.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 06:29:35 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
pa-5e26af0f66850900080002e1.js
rum-static.pingdom.net/
6 KB
3 KB
Script
General
Full URL
http://rum-static.pingdom.net/pa-5e26af0f66850900080002e1.js
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
HTTP/1.1
Server
2606:4700:10::6816:3668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6136ebf007a65c105c84f32f252d09f1b4be3fdd4c8e0f8d9827ec4e61ebb6f4

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 06:29:36 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 14 Oct 2022 06:22:28 GMT
Server
cloudflare
ETag
W/"63490024-1852"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
CF-RAY
84016d930bf94bcf-BUF
Expires
Thu, 04 Jan 2024 06:34:36 GMT
logo-header-desktop-v6.svg
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/images/v6/svg/
564 B
564 B
Image
General
Full URL
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/images/v6/svg/logo-header-desktop-v6.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
HTTP/1.1
Server
65.21.188.212 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.188.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 06:29:35 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
green-arrow.svg
www.arvancloud.ir/images/header/
347 B
538 B
Image
General
Full URL
https://www.arvancloud.ir/images/header/green-arrow.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
d39d58741fc3eddfcf23de14168df7c37a5f7d9603d8f811f2a151375a30e757
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Jan 2024 13:26:11 GMT
server
ArvanCloud
etag
W/"15b-60e0a8ef2c2c0"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=0
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
38997c48a0cbb0d136eea3cc6c02507e
x-sid
6111
gray-arrow.svg
www.arvancloud.ir/images/header/
353 B
546 B
Image
General
Full URL
https://www.arvancloud.ir/images/header/gray-arrow.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
89e0280aaefb19fa08057f7d13e52bebcb2fb781d7bdc2c8ca130a4dcf287169
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Jan 2024 13:26:11 GMT
server
ArvanCloud
etag
W/"161-60e0a8ef2c2c0"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=0
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
7a261b464892e00d30d85353c2a08107
x-sid
6111
What-is-PaaS-Cover.webp
www.arvancloud.ir/images/v6/header/
18 KB
18 KB
Image
General
Full URL
https://www.arvancloud.ir/images/v6/header/What-is-PaaS-Cover.webp
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
3bec54c22dd357ad1f7320cca14e1ce09fc92dd3640e194164e2dd365cf2e659
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 03 Jan 2024 13:26:12 GMT
server
ArvanCloud
etag
"4748-60e0a8f020500"
x-cache
HIT
cache-control
max-age=0
server-timing
total;dur=0
accept-ranges
bytes
content-length
18248
x-xss-protection
1; mode=block
x-request-id
3f1f1bceb9c4106a2f9fdc4bb97f9cd4
x-sid
6111
articles-arrow.svg
www.arvancloud.ir/images/header/
598 B
717 B
Image
General
Full URL
https://www.arvancloud.ir/images/header/articles-arrow.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
b4bdb7f99b61c10011e5ab9eccb1d99c1d400dca1cc8c75ee91e69a973458525
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Jan 2024 13:26:11 GMT
server
ArvanCloud
etag
W/"256-60e0a8ef2c2c0"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=0
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
d940e528faccc083940ee6b28254744f
x-sid
6111
En-What-is-VPS-Cover.webp
www.arvancloud.ir/images/v6/header/
17 KB
17 KB
Image
General
Full URL
https://www.arvancloud.ir/images/v6/header/En-What-is-VPS-Cover.webp
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
ec2809ff744437fad7f7cca69f89a208c9bbbf5509f80f2f42552c26ae8d3eb5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 03 Jan 2024 13:26:12 GMT
server
ArvanCloud
etag
"4222-60e0a8f020500"
x-cache
HIT
cache-control
max-age=0
server-timing
total;dur=0
accept-ranges
bytes
content-length
16930
x-xss-protection
1; mode=block
x-request-id
0870e83b55153263bab52a17cdbf46a2
x-sid
6111
logo-header-mobile-v6.svg
www.arvancloud.ir/images/v6/svg/
940 B
848 B
Image
General
Full URL
https://www.arvancloud.ir/images/v6/svg/logo-header-mobile-v6.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
8be7d31b98e50c9d6da8dc2670e9ba6c952e7a63539a69e4e74b4849b7c7d2aa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Jan 2024 13:26:12 GMT
server
ArvanCloud
etag
W/"3ac-60e0a8f020500"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=0
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
1381d9c42cddbb34640ea4e4028757c4
x-sid
6111
logotype-menu-mobile-v6-en.svg
www.arvancloud.ir/images/v6/svg/
4 KB
2 KB
Image
General
Full URL
https://www.arvancloud.ir/images/v6/svg/logotype-menu-mobile-v6-en.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
f8ef1ab01d80f032fa70367ba142fa1dd4a4197fe299c5e810e9abf9a9fda3b7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Jan 2024 13:26:12 GMT
server
ArvanCloud
etag
W/"f63-60e0a8f020500"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=0
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
f6f630fb414e0d163b458af9d42e53ee
x-sid
6111
arrow-icon.svg
www.arvancloud.ir/images/v6/header/
218 B
509 B
Image
General
Full URL
https://www.arvancloud.ir/images/v6/header/arrow-icon.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
d856db09f0279f73c693e9416cc70c77bed1a15a714473a90f17c3e50fc79e4b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Jan 2024 13:26:12 GMT
server
ArvanCloud
etag
W/"da-60e0a8f020500"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=0
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
cb69780e4e84c3a965b1c6ef50fadd60
x-sid
6111
arrow-left.svg
www.arvancloud.ir/images/v6/header/
354 B
546 B
Image
General
Full URL
https://www.arvancloud.ir/images/v6/header/arrow-left.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
0e6574c3bac7e15c9855619417570962ffada91751c9d8f0c58ee59c3f45adb5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Jan 2024 13:26:12 GMT
server
ArvanCloud
etag
W/"162-60e0a8f020500"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=0
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
d9d5983594c2f102e1d63efdefa499c9
x-sid
6111
hero.png
www.arvancloud.ir/images/v6/home/
36 KB
36 KB
Image
General
Full URL
https://www.arvancloud.ir/images/v6/home/hero.png
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
02af42f8fe6c9dd6562a4eb97e68772bd3716188704176eb1e3715bff1180b87
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 03 Jan 2024 13:26:12 GMT
server
ArvanCloud
etag
W/"4c25d-60e0a8f020500"
x-cache
HIT
content-type
image/webp
cache-control
max-age=0
server-timing
total;dur=0
accept-ranges
bytes
content-length
36478
x-xss-protection
1; mode=block
x-request-id
7fb306367301d17e75ebc884f78ef6fc
x-sid
6111
cdn-en.svg
www.arvancloud.ir/images/v6/home/products/
434 KB
146 KB
Image
General
Full URL
https://www.arvancloud.ir/images/v6/home/products/cdn-en.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
7bf8044f119b7fe9097871bd74c79feabd2dc12fdec76bab39200ef9a1e0fe19
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Jan 2024 13:26:12 GMT
server
ArvanCloud
etag
W/"6c81d-60e0a8f020500"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=0
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
b40a04d71e69ba1d9beed941fe5eff69
x-sid
6111
cloud-server-en.svg
www.arvancloud.ir/images/v6/home/products/
467 KB
157 KB
Image
General
Full URL
https://www.arvancloud.ir/images/v6/home/products/cloud-server-en.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
4517f50a694353f625cb0e21d3618cc4f44d38d26227659dacd0b9f3f916091f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Jan 2024 13:26:12 GMT
server
ArvanCloud
etag
W/"74a05-60e0a8f020500"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=0
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
ec386962664acdafd25d5e13af595967
x-sid
6111
object-storage-en.svg
www.arvancloud.ir/images/v6/home/products/
527 KB
169 KB
Image
General
Full URL
https://www.arvancloud.ir/images/v6/home/products/object-storage-en.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
7e54321ae32964d16a3024a7773881fb367680eff562b897f788c537a4b88887
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Jan 2024 13:26:12 GMT
server
ArvanCloud
etag
W/"83ce8-60e0a8f020500"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=0
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
3de579f5bdafa7cfaf42747ecdfd92c1
x-sid
6111
video-platform-en.svg
www.arvancloud.ir/images/v6/home/products/
550 KB
192 KB
Image
General
Full URL
https://www.arvancloud.ir/images/v6/home/products/video-platform-en.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
f55763ebdfa8b49713f88a7045ae9752e6253be7c5ba2b64553f341fde6eeb09
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Jan 2024 13:26:12 GMT
server
ArvanCloud
etag
W/"898c9-60e0a8f020500"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=0
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
876b3e26c5c2e8208d2d3335bddc1695
x-sid
6111
container-en.svg
www.arvancloud.ir/images/v6/home/products/
775 KB
266 KB
Image
General
Full URL
https://www.arvancloud.ir/images/v6/home/products/container-en.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
b1146d06957c88b6916f10768026512026406f8f8f54b43facdda666767d9207
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Jan 2024 13:26:12 GMT
server
ArvanCloud
etag
W/"c1a06-60e0a8f020500"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=0
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
d9d3f3854b84ec70ae600e81f3b245ad
x-sid
6111
globe.svg
www.arvancloud.ir/images/v6/home/
1 MB
412 KB
Image
General
Full URL
https://www.arvancloud.ir/images/v6/home/globe.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.200 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
1b7b5f0a08a5639c6d926dc3044ee62be828cb80e1b754daecfda3e23fa2cebd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 06:29:36 GMT
date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Jan 2024 13:26:12 GMT
server
ArvanCloud
etag
W/"171697-60e0a8f020500"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=0
server-timing
total;dur=0
x-xss-protection
1; mode=block
x-request-id
bc6cd26bd48755ae4f917175536342a4
x-sid
6111
logotype-footer-v6-en.svg
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/images/v6/svg/
564 B
564 B
Image
General
Full URL
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/images/v6/svg/logotype-footer-v6-en.svg
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
HTTP/1.1
Server
65.21.188.212 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.188.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 06:29:35 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
gtm.js
www.googletagmanager.com/
492 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MDCM3FH
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c609d2478a1149b90a66ff96a84b2041f4b4772883bcd890b5d82ab73651fd68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:29:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107842
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Jan 2024 06:29:35 GMT
hotjar-1231721.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1231721.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDCM3FH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
b5fe4c48eee44193c071e2cfa34150bf40926485b529292014a5b0eebdcecdf9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:29:36 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 134f499632d1e15750219cb766bdc50c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/5e6d4274fae9320f2bed0056ba552c7f
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
HzSWJfYUVHYC8TtPezKC38rKphUxqUy1KS7WZYkrSbVpNJJ68HHjeQ==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11019300329/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11019300329/?random=1704349776091&cv=11&fst=1704349776091&bg=ffffff&guid=ON&async=1&gtm=45He3bt0h1v830803378&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=http%3A%2F%2Fsber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com%2F&hn=www.googleadservices.com&frm=0&tiba=ArvanCloud%20%7C%20Unified%20Cloud%20Infrastructure&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDCM3FH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7614e936b5c18d532dfc58f29f7ed258bc91fb99453fab32487e7520af020e57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 06:29:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1275
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rg.complete.js
cdn.yektanet.com/rg_woebegone/scripts_v3/qfYR4ErY/
45 KB
14 KB
Script
General
Full URL
https://cdn.yektanet.com/rg_woebegone/scripts_v3/qfYR4ErY/rg.complete.js?v=20240003020
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.166.104.3 , Iran, Islamic Republic Of, ASN202319 (CAFEBAZAAR, IR),
Reverse DNS
Software
Delivery /
Resource Hash
f1f94f2b33624c90a25177a250f665058742f478c120461e6fbcfffec3760695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:29:36 GMT
strict-transport-security
max-age=31536000
x-zrk-cs
REVALIDATED
last-modified
Wed, 03 Jan 2024 06:56:02 GMT
server
Delivery
x-amz-request-id
tx00000f94eefb6757f801d-0065958b45-82bbb22-default
etag
W/"a9d4f6753be4ca66aa48e05fd0fb172c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
content-encoding
br
x-rgw-object-type
Normal
cache-control
public, max-age=3600
x-zrk-us
200
x-zrk-sn
4001
retargeting.js
s1.mediaad.org/serve/47904/
139 KB
48 KB
Script
General
Full URL
https://s1.mediaad.org/serve/47904/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDCM3FH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),
Reverse DNS
host.sindad.org
Software
/
Resource Hash
d5a15b921f03f00ffa0b32868f9067e25f8811f52b0049253c91dae5dc863ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:29:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 25 Nov 2023 09:10:23 GMT
etag
W/"6561b9ff-22a7b"
x-cache-status
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
x-cache-status-asiatech
HIT, HIT
expires
Thu, 04 Jan 2024 11:14:29 GMT
web-vitals.umd.js
unpkg.com/web-vitals@1.1.2/dist/
4 KB
2 KB
Script
General
Full URL
https://unpkg.com/web-vitals@1.1.2/dist/web-vitals.umd.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDCM3FH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
655a9ea42476533d03fd7d46ca6c1e4dd6e8cf1c33b35bdbcf1c8101915c782b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:29:36 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3606937
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HFY2REV8CPWA2QRRWPHW5WPR-lga
server
cloudflare
etag
W/"1107-KNpy/vtQ6KfqWl7q5srbGEJyE5E"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84016d952f684bc1-BUF
js
www.googletagmanager.com/gtag/
253 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8VNGLNVW29&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDCM3FH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3ddad9dbb329cecb8a64fa4e02fed2052cfe5572652a434b6681b6ca33b4d43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:29:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87837
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 06:29:36 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDCM3FH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jan 2024 05:51:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2267
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 04 Jan 2024 07:51:49 GMT
collect
analytics.google.com/g/
0
290 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8VNGLNVW29&gtm=45je3bt0v881827739z8830803378&_p=1704349775784&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1362069407.1704349776&ul=en-us&sr=1600x1200&_s=1&sid=1704349776&sct=1&seg=0&dl=http%3A%2F%2Fsber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com%2F&dt=ArvanCloud%20%7C%20Unified%20Cloud%20Infrastructure&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1001
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8VNGLNVW29&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 06:29:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
290 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8VNGLNVW29&cid=1362069407.1704349776&gtm=45je3bt0v881827739z8830803378&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8VNGLNVW29&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 06:29:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11019300329/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11019300329/?random=1704349776091&cv=11&fst=1704348000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0h1v830803378&u_w=1600&u_h=1200&url=http%3A%2F%2Fsber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com%2F&frm=0&tiba=ArvanCloud%20%7C%20Unified%20Cloud%20Infrastructure&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_YeoJtebUQGR58Iex1JuNt0tJPyOvyg&random=1900270580&rmt_tld=0&ipr=y
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 06:29:36 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
245 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=600805188&t=pageview&_s=1&dl=http%3A%2F%2Fsber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com%2F&ul=en-us&de=UTF-8&dt=ArvanCloud%20%7C%20Unified%20Cloud%20Infrastructure&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1850124771&gjid=814603514&cid=1362069407.1704349776&tid=UA-64853106-1&_gid=846279032.1704349776&_r=1&_slc=1&gtm=45He3bt0h1n81MDCM3FHv830803378&gcd=11l1l1l1l1&dma=0&z=1541757432
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 06:29:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
2 B
149 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-64853106-1&cid=1362069407.1704349776&jid=1850124771&gjid=814603514&_gid=846279032.1704349776&_u=YADAAEAAAAAAACAAI~&z=1018776772
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 04 Jan 2024 06:29:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-64853106-1&cid=1362069407.1704349776&jid=1850124771&_u=YADAAEAAAAAAACAAI~&z=1068277607
Requested by
Host: sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 06:29:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
audience.yektanet.com/api/v1/scripts/preview/validate/
5 B
481 B
XHR
General
Full URL
https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=6c90b6q3
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/qfYR4ErY/rg.complete.js?v=20240003020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:29:37 GMT
x-cache
BYPASS
server-timing
total;dur=157
content-length
5
x-xss-protection
1; mode=block
x-request-id
67d681f94f50709181a031be81ddbcf8
x-sid
6111
pragma
no-cache
server
ArvanCloud
allow
GET, OPTIONS
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Authorization
expires
0
/
ua.yektanet.com/cookie/iframe/ Frame 2939
3 KB
1 KB
Document
General
Full URL
https://ua.yektanet.com/cookie/iframe/
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/qfYR4ErY/rg.complete.js?v=20240003020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
ec23baab8cd3483c4877e0e191853c7566fef52363c7abf347286f63a93b9c99
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
br
content-type
text/html
date
Thu, 04 Jan 2024 06:29:37 GMT
expires
0
last-modified
Thursday, 04-Jan-2024 06:29:37 GMT
pragma
no-cache
server
ArvanCloud
server-timing
total;dur=86
vary
Accept-Encoding
x-cache
BYPASS
x-request-id
1614fbed0f2fcb7dfbe7d900113ec76f
x-sid
4106
x-xss-protection
1; mode=block
__fake.gif
ua.yektanet.com/
42 B
693 B
Ping
General
Full URL
https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=ef688e6d-c4c3-4154-947a-226b19f6af5a&abj=0&aed=adv&abh=5632&sv=3&st=rg.complete.js&ac=http%3A%2F%2Fsber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com%2F&ae=%7B%7D&ad=sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com&as=ArvanCloud%20%7C%20Unified%20Cloud%20Infrastructure&aef=6c90b6q3&aec=5570&ai=20891be5-0178-ff36-0148-e0940be516e1&abw=1584&abb=9970&aby=1600&abz=1200&al=1600&am=1200&abk=Unified%20Cloud%20Infrastructure
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/qfYR4ErY/rg.complete.js?v=20240003020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Thu, 04 Jan 2024 06:29:37 GMT
last-modified
Thursday, 04-Jan-2024 06:29:37 GMT
server
ArvanCloud
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
server-timing
total;dur=94
accept-ranges
bytes
content-length
42
x-xss-protection
1; mode=block
x-request-id
ce0bbec874f20d1718abea05e167c2d9
x-sid
4106
__fake.gif
ua.yektanet.com/
42 B
694 B
Ping
General
Full URL
https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=0645ac53-bf83-477f-b68d-a9c7e6e8883a&abj=1&aed=adv&abh=5632&sv=3&st=rg.complete.js&psc=651&psi=865&ac=http%3A%2F%2Fsber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com%2F&ae=%7B%7D&ad=sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com&as=ArvanCloud%20%7C%20Unified%20Cloud%20Infrastructure&aef=6c90b6q3&aec=5570&ai=20891be5-0178-ff36-0148-e0940be516e1&abw=1584&abb=9970&aby=1600&abz=1200&al=1600&am=1200&abk=Unified%20Cloud%20Infrastructure
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/qfYR4ErY/rg.complete.js?v=20240003020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Thu, 04 Jan 2024 06:29:37 GMT
last-modified
Thursday, 04-Jan-2024 06:29:37 GMT
server
ArvanCloud
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
server-timing
total;dur=96
accept-ranges
bytes
content-length
42
x-xss-protection
1; mode=block
x-request-id
87c8c449557ae28f8493f780de1f0900
x-sid
4106
set
ua.yektanet.com/cookie/ Frame 2939
78 B
805 B
XHR
General
Full URL
https://ua.yektanet.com/cookie/set
Requested by
Host: ua.yektanet.com
URL: https://ua.yektanet.com/cookie/iframe/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
bea6931d209d3cfe9fbda9e2809cb2332b1ec8003df516e29384cf7813de33a3
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ua.yektanet.com/cookie/iframe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:29:37 GMT
content-encoding
br
x-cache
BYPASS
server-timing
total;dur=86
x-xss-protection
1; mode=block
x-request-id
3505295aac1c245a7b2758ecec39c5e5
x-sid
4106
pragma
no-cache
last-modified
Thursday, 04-Jan-2024 06:29:37 GMT
server
ArvanCloud
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
expires
0
advertiser.json
ma-cdn.pegah.tech/v1/retargeting/47904/
7 KB
2 KB
XHR
General
Full URL
https://ma-cdn.pegah.tech/v1/retargeting/47904/advertiser.json
Requested by
Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/47904/retargeting.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),
Reverse DNS
host.sindad.cloud
Software
/
Resource Hash
21476196c72a2cab3a1fd187469180ec0e4721525e119a071771792a6b0386ef
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:29:38 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-requested-with
cache-control
max-age=300
access-control-allow-credentials
false
access-control-allow-headers
x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
beacon.gif
rum-collector-2.pingdom.net/img/
0
213 B
XHR
General
Full URL
http://rum-collector-2.pingdom.net/img/beacon.gif?id=5e26af0f66850900080002e1&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=25&cE=149&dLE=25&dLS=1&fS=0&hS=-1&rE=-1&rS=-1&reS=150&resS=276&resE=457&uEE=-1&uES=-1&dL=279&dI=608&dCLES=695&dCLEE=695&dC=3221&lES=3221&lEE=3228&s=nt&title=ArvanCloud%20%7C%20Unified%20Cloud%20Infrastructure&path=http%3A%2F%2Fsber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com%2F&ref=&sId=1prst4fm&sST=1704349778&sIS=1&rV=0&v=1.4.1
Requested by
Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/47904/retargeting.js
Protocol
HTTP/1.1
Server
3.248.28.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Thu, 04 Jan 2024 06:29:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
fingerprint.html
mediacdn.mediaad.org/static/ Frame F257
4 KB
2 KB
Document
General
Full URL
https://mediacdn.mediaad.org/static/fingerprint.html
Requested by
Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/47904/retargeting.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.245.80.243 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
/
Resource Hash
0461ea13631a27215fb77c57508c5256acbf71cc30c6927130cfe7a9f982b9bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
false
access-control-allow-headers
x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin
*
access-control-expose-headers
x-requested-with
cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 04 Jan 2024 06:29:39 GMT
expires
Thu, 04 Jan 2024 11:14:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cache-status
HIT
x-cache-status-asiatech
HIT HIT
tag
api.mediaad.org/v1/events/
0
514 B
XHR
General
Full URL
https://api.mediaad.org/v1/events/tag?fid=227a58f7-72d6-494b-880e-6c8eba61b16b&c=false
Requested by
Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/47904/retargeting.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),
Reverse DNS
host.sindad.org
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 04 Jan 2024 06:29:40 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
access-control-expose-headers
x-requested-with
access-control-allow-credentials
true
access-control-allow-headers
x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length
0
loaded
api.mediaad.org/v2/events/page/
0
534 B
XHR
General
Full URL
https://api.mediaad.org/v2/events/page/loaded
Requested by
Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/47904/retargeting.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),
Reverse DNS
host.sindad.org
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 04 Jan 2024 06:29:40 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
content-type
text/plain;charset=UTF-8
access-control-allow-origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
access-control-expose-headers
x-requested-with
access-control-allow-credentials
true
access-control-allow-headers
x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length
0
tag
api.mediaad.org/v1/events/ Frame
0
0
Preflight
General
Full URL
https://api.mediaad.org/v1/events/tag?fid=227a58f7-72d6-494b-880e-6c8eba61b16b&c=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),
Reverse DNS
host.sindad.org
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
access-control-expose-headers
x-requested-with
content-length
0
date
Thu, 04 Jan 2024 06:29:40 GMT
strict-transport-security
max-age=15724800; includeSubDomains
loaded
api.mediaad.org/v2/events/page/ Frame
0
0
Preflight
General
Full URL
https://api.mediaad.org/v2/events/page/loaded
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),
Reverse DNS
host.sindad.org
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
access-control-expose-headers
x-requested-with
content-length
0
date
Thu, 04 Jan 2024 06:29:40 GMT
strict-transport-security
max-age=15724800; includeSubDomains
10
api.mediaad.org/v1/events/session/
0
390 B
XHR
General
Full URL
https://api.mediaad.org/v1/events/session/10
Requested by
Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/47904/retargeting.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),
Reverse DNS
host.sindad.org
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:29:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin
http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
access-control-expose-headers
x-requested-with
access-control-allow-credentials
true
access-control-allow-headers
x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length
0

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer object| google_tag_manager object| google_tag_data function| hj object| _hjSettings object| GooglebQhCsO string| yektanetAnalyticsObject function| yektanet string| GoogleAnalyticsObject function| ga object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| gaplugins object| gaData object| ynWebpackJsonp object| regeneratorRuntime boolean| yektanet_ua-script-6c90b6q3_is_loaded object| __SENTRY__ boolean| mediaadRetargetingScriptLoaded object| webVitals function| sendToGTM

13 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.pinepage.com/ Name: _ga_8VNGLNVW29
Value: GS1.1.1704349776.1.0.1704349776.60.0.0
.pinepage.com/ Name: _ga
Value: GA1.2.1362069407.1704349776
.pinepage.com/ Name: _gid
Value: GA1.2.846279032.1704349776
.pinepage.com/ Name: _gat_UA-64853106-1
Value: 1
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/ Name: analytics_token
Value: 653f7fa6-537d-6d4d-1a39-7fc592de49c2
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/ Name: analytics_session_token
Value: 20891be5-0178-ff36-0148-e0940be516e1
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/ Name: yektanet_session_last_activity
Value: 1/4/2024
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/ Name: _yngt_iframe
Value: 1
.yektanet.com/ Name: gearbox_ad_token
Value: c61fc787-7349e-eebe3-3128c-c77c02042968a
.yektanet.com/ Name: analytics_global_token
Value: c61fc787-7349e-eebe3-3128c-c77c02042968a
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/ Name: _yngt
Value: c61fc787-7349e-eebe3-3128c-c77c02042968a
.mediaad.org/ Name: USER_ID
Value: 227a58f7-72d6-494b-880e-6c8eba61b16b

18 Console Messages

Source Level URL
Text
network error URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/css/arvan.css?id=454425d97c8ddd768d2eb96fb1789ace
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/css/fonts-lato.css?id=17879d228e5a2faa67a25cac402ec4d9
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/css/font-dmsans.css?id=d01727b8bc71f41d920bd9ff94bd2303
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/Lato/Lato-Medium.ttf?v=970802
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/Lato/Lato-Bold.ttf?v=970802
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/Lato/Lato-Light.ttf?v=970802
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/js/arvan.js?id=18a9b8941aa80b1da6c0c1d5e24b2d5c
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/dm_sans/DMSans-Regular.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/dm_sans/DMSans-Medium.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/dm_sans/DMSans-Bold.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/images/v6/svg/logo-header-desktop-v6.svg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/images/v6/svg/logotype-footer-v6-en.svg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Message:
The resource http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/Lato/Lato-Bold.ttf?v=970802 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Message:
The resource http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/Lato/Lato-Medium.ttf?v=970802 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Message:
The resource http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/dm_sans/DMSans-Bold.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Message:
The resource http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/Lato/Lato-Light.ttf?v=970802 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Message:
The resource http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/dm_sans/DMSans-Medium.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/
Message:
The resource http://sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com/fonts/dm_sans/DMSans-Regular.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.mediaad.org
audience.yektanet.com
cdn.yektanet.com
googleads.g.doubleclick.net
ma-cdn.pegah.tech
mediacdn.mediaad.org
rum-collector-2.pingdom.net
rum-static.pingdom.net
s1.mediaad.org
sber.www.pay.pay.pay.pay.avito.ugod2lahjoaepvj.admin.pinepage.com
static.hotjar.com
stats.g.doubleclick.net
ua.yektanet.com
unpkg.com
www.arvancloud.ir
www.google-analytics.com
www.google.com
www.googletagmanager.com
108.138.106.49
185.143.233.120
185.143.233.200
185.143.234.120
185.166.104.3
2001:4860:4802:34::181
2606:4700:10::6816:3668
2606:4700::6810:7aaf
2607:f8b0:4004:c06::9a
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::200e
2607:f8b0:4006:823::2002
3.248.28.17
45.94.254.24
45.94.255.25
46.245.80.243
65.21.188.212
02af42f8fe6c9dd6562a4eb97e68772bd3716188704176eb1e3715bff1180b87
0461ea13631a27215fb77c57508c5256acbf71cc30c6927130cfe7a9f982b9bd
0e6574c3bac7e15c9855619417570962ffada91751c9d8f0c58ee59c3f45adb5
1b7b5f0a08a5639c6d926dc3044ee62be828cb80e1b754daecfda3e23fa2cebd
21476196c72a2cab3a1fd187469180ec0e4721525e119a071771792a6b0386ef
3bec54c22dd357ad1f7320cca14e1ce09fc92dd3640e194164e2dd365cf2e659
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
4517f50a694353f625cb0e21d3618cc4f44d38d26227659dacd0b9f3f916091f
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6136ebf007a65c105c84f32f252d09f1b4be3fdd4c8e0f8d9827ec4e61ebb6f4
655a9ea42476533d03fd7d46ca6c1e4dd6e8cf1c33b35bdbcf1c8101915c782b
7614e936b5c18d532dfc58f29f7ed258bc91fb99453fab32487e7520af020e57
7bf8044f119b7fe9097871bd74c79feabd2dc12fdec76bab39200ef9a1e0fe19
7e54321ae32964d16a3024a7773881fb367680eff562b897f788c537a4b88887
89e0280aaefb19fa08057f7d13e52bebcb2fb781d7bdc2c8ca130a4dcf287169
8be7d31b98e50c9d6da8dc2670e9ba6c952e7a63539a69e4e74b4849b7c7d2aa
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1146d06957c88b6916f10768026512026406f8f8f54b43facdda666767d9207
b4bdb7f99b61c10011e5ab9eccb1d99c1d400dca1cc8c75ee91e69a973458525
b5fe4c48eee44193c071e2cfa34150bf40926485b529292014a5b0eebdcecdf9
bea6931d209d3cfe9fbda9e2809cb2332b1ec8003df516e29384cf7813de33a3
c3ddad9dbb329cecb8a64fa4e02fed2052cfe5572652a434b6681b6ca33b4d43
c609d2478a1149b90a66ff96a84b2041f4b4772883bcd890b5d82ab73651fd68
d39d58741fc3eddfcf23de14168df7c37a5f7d9603d8f811f2a151375a30e757
d5a15b921f03f00ffa0b32868f9067e25f8811f52b0049253c91dae5dc863ab9
d856db09f0279f73c693e9416cc70c77bed1a15a714473a90f17c3e50fc79e4b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0b68115a6bccc61f7955252aac67dbe527490c61b522582eed110d9b4abb1cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec23baab8cd3483c4877e0e191853c7566fef52363c7abf347286f63a93b9c99
ec2809ff744437fad7f7cca69f89a208c9bbbf5509f80f2f42552c26ae8d3eb5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f94f2b33624c90a25177a250f665058742f478c120461e6fbcfffec3760695
f55763ebdfa8b49713f88a7045ae9752e6253be7c5ba2b64553f341fde6eeb09
f8ef1ab01d80f032fa70367ba142fa1dd4a4197fe299c5e810e9abf9a9fda3b7
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa