Submitted URL: http://feedproxy.google.com/~r/crecbube/~3/531U2jCsCbI/output.php
Effective URL: https://invoice.99p.ru/
Submission Tags: falconsandbox
Submission: On September 26 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 29 HTTP transactions. The main IP is 92.243.127.158, located in Tomsk, Russian Federation and belongs to NEWTELESYSTEMS, RU. The main domain is invoice.99p.ru.
TLS certificate: Issued by R3 on September 6th 2021. Valid for: 3 months.
This is the only time invoice.99p.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 142.250.186.142 15169 (GOOGLE)
4 92.243.127.158 31036 (NEWTELESY...)
1 142.250.186.42 15169 (GOOGLE)
3 9 87.250.250.119 13238 (YANDEX)
4 172.217.18.99 15169 (GOOGLE)
1 12 104.18.70.113 13335 (CLOUDFLAR...)
3 104.16.51.111 13335 (CLOUDFLAR...)
29 6
Domain Requested by
10 static.zdassets.com invoice.99p.ru
assets.zendesk.com
static.zdassets.com
7 mc.yandex.com 2 redirects invoice.99p.ru
mc.yandex.ru
4 fonts.gstatic.com fonts.googleapis.com
4 invoice.99p.ru invoice.99p.ru
3 mainsms.zendesk.com assets.zendesk.com
static.zdassets.com
2 mc.yandex.ru 1 redirects invoice.99p.ru
1 ekr.zdassets.com assets.zendesk.com
1 assets.zendesk.com 1 redirects
1 fonts.googleapis.com invoice.99p.ru
1 feedproxy.google.com 1 redirects
29 10

This site contains no links.

Subject | Issuer | Validity | Valid
invoice.99p.ru | R3 | 2021-09-06 - 2021-12-05 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
mc.yandex.ru | Yandex CA | 2021-07-28 - 2022-01-07 | 5 months
*.gstatic.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
ssl1036557.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2021-07-08 - 2022-07-07 | a year
mainsms.zendesk.com | Cloudflare Inc ECC CA-3 | 2021-06-07 - 2022-06-06 | a year

This page contains 3 frames:

Primary Page: https://invoice.99p.ru/
Frame ID: 0CBBC217121F8CBE733563DA36B9E107
Requests: 15 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: A76B28FE55AAB4203D4CD3F66DC8D6C6
Requests: 3 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Frame ID: B915B4245C210BD9C22D7E64C8B86025
Requests: 11 HTTP requests in this frame

Page Title

Выбор организации

Page URL History

  1. http://feedproxy.google.com/~r/crecbube/~3/531U2jCsCbI/output.php HTTP 301
    https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/output.php?utm_source=feedburner&... Page URL
  2. https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/output.php?utm_source=feedburner&... Page URL
  3. https://invoice.99p.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 0 %
Domains: 8
Subdomains: 10
IPs: 6
Countries: 3
Transfer: 522 kB
Size: 1650 kB
Cookies: 16

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://feedproxy.google.com/~r/crecbube/~3/531U2jCsCbI/output.php HTTP 301
    https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/output.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+crecbube+%28wobblerrecital%29 Page URL
  2. https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/output.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+crecbube+%28wobblerrecital%29 Page URL
  3. https://invoice.99p.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://feedproxy.google.com/~r/crecbube/~3/531U2jCsCbI/output.php HTTP 301
  • https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/output.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+crecbube+%28wobblerrecital%29
Request Chain 7
  • https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 10
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9408.u5dLnSmOmFmPnIzJIgRQTukjqlu1tDMc7-QEDkkVCklpqWkZyqJd5iE-dSIWD2Vp.fJ20JI2az86qHTDFmn8xkd7E2HA%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9408.VNcQB1ZcSnUyKAmuWk4Y22OoTirqD9K20VFz5rNzdc2lP7zYCf7UyZWRm-d2i2GV9MgBmk_2zgK62EwGWtjKSQ%2C%2C.UDHqhPiyDap2pHIUexfuc9X8j-I%2C
Request Chain 13
  • https://mc.yandex.com/watch/50923805?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Foutput.php%3Futm_source%3Dfeedburner%26utm_medium%3Dfeed%26utm_campaign%3DFeed%253A%2Bcrecbube%2B%2528wobblerrecital%2529&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A302%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A836711652106%3Ahid%3A625020684%3Az%3A0%3Ai%3A20210926180109%3Aet%3A1632679269%3Ac%3A1%3Arn%3A529996084%3Arqn%3A1%3Au%3A1632679269979593601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632679268651%3Ads%3A0%2C0%2C88%2C1%2C3%2C0%2C%2C106%2C0%2C%2C%2C%2C296%3Adsn%3A0%2C0%2C88%2C1%2C3%2C0%2C%2C200%2C0%2C%2C%2C%2C296%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632679269%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8 HTTP 302
  • https://mc.yandex.com/watch/50923805/1?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Foutput.php%3Futm_source%3Dfeedburner%26utm_medium%3Dfeed%26utm_campaign%3DFeed%253A%2Bcrecbube%2B%2528wobblerrecital%2529&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A302%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A836711652106%3Ahid%3A625020684%3Az%3A0%3Ai%3A20210926180109%3Aet%3A1632679269%3Ac%3A1%3Arn%3A529996084%3Arqn%3A1%3Au%3A1632679269979593601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632679268651%3Ads%3A0%2C0%2C88%2C1%2C3%2C0%2C%2C106%2C0%2C%2C%2C%2C296%3Adsn%3A0%2C0%2C88%2C1%2C3%2C0%2C%2C200%2C0%2C%2C%2C%2C296%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632679269%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
output.php
invoice.99p.ru/assets/jquery-file-upload/server/php/files/
Redirect Chain
  • http://feedproxy.google.com/~r/crecbube/~3/531U2jCsCbI/output.php
  • https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/output.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+crecbube+%28wobblerrecital%29
937 B
768 B
Document
General
Full URL
https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/output.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+crecbube+%28wobblerrecital%29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.243.127.158 Tomsk, Russian Federation, ASN31036 (NEWTELESYSTEMS, RU),
Reverse DNS
92-243-127-158.mynts.ru
Software
Microsoft-IIS/8.0 / PHP/5.4.24
Resource Hash

Request headers

Host
invoice.99p.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.0
X-Powered-By
PHP/5.4.24
Date
Sun, 26 Sep 2021 18:01:10 GMT
Content-Length
566

Redirect headers

Location
https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/output.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+crecbube+%28wobblerrecital%29
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Date
Sun, 26 Sep 2021 18:01:07 GMT
Expires
Sun, 26 Sep 2021 18:01:07 GMT
Cache-Control
private, max-age=0
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Length
277
Server
GSE
output.php
invoice.99p.ru/assets/jquery-file-upload/server/php/files/
956 B
819 B
Document
General
Full URL
https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/output.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+crecbube+%28wobblerrecital%29
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/output.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+crecbube+%28wobblerrecital%29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.243.127.158 Tomsk, Russian Federation, ASN31036 (NEWTELESYSTEMS, RU),
Reverse DNS
92-243-127-158.mynts.ru
Software
Microsoft-IIS/8.0 / PHP/5.4.24
Resource Hash

Request headers

Host
invoice.99p.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/output.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+crecbube+%28wobblerrecital%29
Accept-Encoding
gzip, deflate, br
Cookie
d=0; n=Etc/Unknown

Response headers

Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.0
X-Powered-By
PHP/5.4.24
Date
Sun, 26 Sep 2021 18:01:10 GMT
Content-Length
617
Primary Request Cookie set /
invoice.99p.ru/
4 KB
3 KB
Document
General
Full URL
https://invoice.99p.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.243.127.158 Tomsk, Russian Federation, ASN31036 (NEWTELESYSTEMS, RU),
Reverse DNS
92-243-127-158.mynts.ru
Software
Microsoft-IIS/8.0 / PHP/5.4.24
Resource Hash
85adac1931ad9cf9560be6d8bfee3a178b01d2036d47c18d84d5dedc37b26c45

Request headers

Host
invoice.99p.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/output.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+crecbube+%28wobblerrecital%29
Accept-Encoding
gzip, deflate, br
Cookie
d=0; n=Etc/Unknown

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Vary
Accept-Encoding
Server
Microsoft-IIS/8.0
X-Powered-By
PHP/5.4.24
Set-Cookie
PHPSESSID=rdgsd6sp9m9ljgnr9du7a5ukk4; path=/
Date
Sun, 26 Sep 2021 18:01:10 GMT
Content-Length
2207
style.css
invoice.99p.ru/tpl/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://invoice.99p.ru/tpl/css/style.css
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.243.127.158 Tomsk, Russian Federation, ASN31036 (NEWTELESYSTEMS, RU),
Reverse DNS
92-243-127-158.mynts.ru
Software
Microsoft-IIS/8.0 /
Resource Hash
6d12fa6db9802cea97ad9c7448d9e12de4c2e261ae7239136899bc3a9b008122

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://invoice.99p.ru/
Cookie
d=0; n=Etc/Unknown; PHPSESSID=rdgsd6sp9m9ljgnr9du7a5ukk4
Connection
keep-alive

Response headers

Date
Sun, 26 Sep 2021 18:01:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Dec 2017 11:56:46 GMT
Server
Microsoft-IIS/8.0
ETag
"79de41fc06dd31:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
2115
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 26 Sep 2021 17:56:29 GMT
server
ESF
date
Sun, 26 Sep 2021 18:01:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Sep 2021 18:01:08 GMT
tag.js
mc.yandex.ru/metrika/
191 KB
65 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:09 GMT
content-encoding
br
last-modified
Sat, 25 Sep 2021 10:27:39 GMT
etag
"614ecf6b-1031a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66330
expires
Sun, 26 Sep 2021 19:01:09 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:38:41 GMT
x-content-type-options
nosniff
age
350547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:38:41 GMT
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:40:32 GMT
x-content-type-options
nosniff
age
350436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9500
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:40:32 GMT
asset_composer.js
static.zdassets.com/ekr/ Frame A76B
Redirect Chain
  • https://assets.zendesk.com/embeddable_framework/main.js
  • https://static.zdassets.com/ekr/asset_composer.js
20 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
W3VYZ1M7PCAB0MSY
x-amz-id-2
pEujk7IfZtO7IlTG8bGRJzBQRVKYzhoTZIwtNus5WHEQbwRSTHGNDPoye8Y/AMqEMzohvEBKb6A=
last-modified
Wed, 09 Jun 2021 00:08:58 GMT
server
cloudflare
etag
W/"cc904f41324148b571599b3b02fdec0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYp1ald4ZKQgi613w%2FGegFf0zyMzkqKKw%2F284SRSELMva9075SwhsAGirIf4fagsUMPVZY3JAJOJ8BcNLR9oTbr0c56RYs%2Fe8WLUUXEkOOp44dUxZ0079MfJQ7HDXEvROmJmvv8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
K3SnbkxF6hLvuoHLDwjJyrnNVVhjkbLm
cf-ray
694e65578ec54315-FRA

Redirect headers

date
Sun, 26 Sep 2021 18:01:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bgw2LBnPG1Q7tKgxlZYTeb6UgkAj8BzARH5BcnuReZaVHttbO68NUPttYiJXjlkIdwxEzh%2F60s%2FHG6%2FhVGM33bubIyUs%2FpIoUSKHAjkPFq47YkmZMkws8HTjKg6jWO3NT9Q%2FnA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://static.zdassets.com/ekr/asset_composer.js
cache-control
max-age=3600
strict-transport-security
max-age=0
cf-ray
694e65572e5e4aaf-FRA
expires
Sun, 26 Sep 2021 19:01:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:43 GMT
x-content-type-options
nosniff
age
350965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:43 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
350968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:40 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9408.u5dLnSmOmFmPnIzJIgRQTukjqlu1tDMc7-QEDkkVCklpqWkZyqJd5iE-dSIWD2Vp.fJ20JI2az86qHTDFmn8xkd7E2HA%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9408.VNcQB1ZcSnUyKAmuWk4Y22OoTirqD9K20VFz5rNzdc2lP7zYCf7UyZWRm-d2i2GV9MgBmk_2zgK62EwGWtjKSQ%2C%2C.UDHqhPiyDap2pHIUexfuc9X8j-I%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9408.VNcQB1ZcSnUyKAmuWk4Y22OoTirqD9K20VFz5rNzdc2lP7zYCf7UyZWRm-d2i2GV9MgBmk_2zgK62EwGWtjKSQ%2C%2C.UDHqhPiyDap2pHIUexfuc9X8j-I%2C
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:09 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9408.VNcQB1ZcSnUyKAmuWk4Y22OoTirqD9K20VFz5rNzdc2lP7zYCf7UyZWRm-d2i2GV9MgBmk_2zgK62EwGWtjKSQ%2C%2C.UDHqhPiyDap2pHIUexfuc9X8j-I%2C
date
Sun, 26 Sep 2021 18:01:09 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:09 GMT
last-modified
Sat, 25 Sep 2021 10:27:39 GMT
etag
"614ecf6b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 26 Sep 2021 19:01:09 GMT
mainsms.zendesk.com
ekr.zdassets.com/compose/web_widget/ Frame A76B
631 B
1 KB
XHR
General
Full URL
https://ekr.zdassets.com/compose/web_widget/mainsms.zendesk.com
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d28e5ca467138ab4919134fa73170641fefbddc2f5cceaa40bb4a5b0419c4c8d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:09 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status
200 OK
access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=0
x-request-id
9b801e5f-bd2e-47e7-b50d-fd35cacf8ddc
x-runtime
0.003409
server
cloudflare
etag
W/"d28e5ca467138ab4919134fa73170641"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLFxr%2FasMeWh2iX1TEMR%2F330A7NMRWqYiOLu6gmzhtlTY5kV3a69pK%2FNU5zZG7RzzOEfj8Igb7KXsBFoz3DHu%2FT%2BMdIJ9iQMRuPxxB2VZT3Rh7THxDxEaYNiBqFRLBy3c9A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
694e6558799fdfb7-FRA
1
mc.yandex.com/watch/50923805/
Redirect Chain
  • https://mc.yandex.com/watch/50923805?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Foutput.php%3Futm_s...
  • https://mc.yandex.com/watch/50923805/1?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Foutput.php%3Futm...
350 B
432 B
XHR
General
Full URL
https://mc.yandex.com/watch/50923805/1?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Foutput.php%3Futm_source%3Dfeedburner%26utm_medium%3Dfeed%26utm_campaign%3DFeed%253A%2Bcrecbube%2B%2528wobblerrecital%2529&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A302%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A836711652106%3Ahid%3A625020684%3Az%3A0%3Ai%3A20210926180109%3Aet%3A1632679269%3Ac%3A1%3Arn%3A529996084%3Arqn%3A1%3Au%3A1632679269979593601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632679268651%3Ads%3A0%2C0%2C88%2C1%2C3%2C0%2C%2C106%2C0%2C%2C%2C%2C296%3Adsn%3A0%2C0%2C88%2C1%2C3%2C0%2C%2C200%2C0%2C%2C%2C%2C296%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632679269%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
656a47aa40ddb11b28755ec634ebeadb7f2a29f838307566ecb129e59f8d09b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 18:01:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 26-Sep-2021 18:01:09 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://invoice.99p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Sun, 26-Sep-2021 18:01:09 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Sep 2021 18:01:09 GMT
last-modified
Sun, 26-Sep-2021 18:01:09 GMT
location
/watch/50923805/1?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Foutput.php%3Futm_source%3Dfeedburner%26utm_medium%3Dfeed%26utm_campaign%3DFeed%253A%2Bcrecbube%2B%2528wobblerrecital%2529&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A302%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A836711652106%3Ahid%3A625020684%3Az%3A0%3Ai%3A20210926180109%3Aet%3A1632679269%3Ac%3A1%3Arn%3A529996084%3Arqn%3A1%3Au%3A1632679269979593601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632679268651%3Ads%3A0%2C0%2C88%2C1%2C3%2C0%2C%2C106%2C0%2C%2C%2C%2C296%3Adsn%3A0%2C0%2C88%2C1%2C3%2C0%2C%2C200%2C0%2C%2C%2C%2C296%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632679269%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8
strict-transport-security
max-age=31536000
access-control-allow-origin
https://invoice.99p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 26-Sep-2021 18:01:09 GMT
web-widget-preload-416078d2328fdddb17be.js
static.zdassets.com/web_widget/latest/ Frame B915
88 KB
32 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2527b9c7c260faf84f105531488710bd08812666b7f03424562ed0f83ebf4c7d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
568531
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
C54XWRJSR9CJQ4X1
x-amz-id-2
x6t65lba6SMWfBgtdCuccM78u2UnFvHVbWfW8wbLRQwzgX6e1bH1zADPPP2rODyfH6fdjZVvigo=
last-modified
Fri, 17 Sep 2021 06:57:52 GMT
server
cloudflare
etag
W/"9a2c01dc67c2bf7a9e783c0451d450fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZY%2FZNiNYh%2FABu6eYYUWLFWAalJbmh1QkJlxGmP0w1xNYmgR1Qr%2FI1JSBAp4O%2Fqy0ymr1XvbIap%2B0j3u0F5EWQxYVCJVsph3KrJIcVvjgy5DA503vxcUhtrLCMixssqAV0LE0n0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Srkd7MMWrMIxbmaSxf4Q6zSCgHQyx.VZ
cf-ray
694e655cde354315-FRA
expires
Sat, 17 Sep 2022 06:57:50 GMT
web-widget-framework-7a0e3c94c555a139ce02.js
static.zdassets.com/web_widget/latest/ Frame B915
184 KB
59 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-7a0e3c94c555a139ce02.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c322a7503a4e53b8b3ede9c57b7f4a4d8b76d09ccbff2d653672d1860a2c7c26
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
568531
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
C54MXNECAK0XBT9J
x-amz-id-2
R8W9yxIHJjUYUovWOt4UrXAIVF1TVQr2GfY3VvgXE4MS6DRPSLJTAIw43LVX2b+MAg5K2aTxIWs=
last-modified
Fri, 17 Sep 2021 06:57:52 GMT
server
cloudflare
etag
W/"cec54a8b5c79bb251a12a66ce66798c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9P%2F2jiti%2F%2B6s2Vtk%2FGtKWSp1tkA2i2QzFAy6EWVv6Ij3EJQLocjU4yN4tFnkSG9MqUaqAtuFOrjewdtLySFwOnW4nxDQ5dxeIYWX7LFFLPHqa5ieTVsD43Nmwyt3Pqm6NbhpFoI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
_0OWJBCKJnSIFjW_HM6eyShjuGWoRFQr
cf-ray
694e655cde384315-FRA
expires
Sat, 17 Sep 2022 06:57:51 GMT
web-widget-chat-sdk-ad0bca0cd862985f164f.js
static.zdassets.com/web_widget/latest/ Frame B915
203 KB
52 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-ad0bca0cd862985f164f.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2910488
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
95ZJNECBJJPS7GC4
x-amz-id-2
3/yf0H9Zopc/y2rU3QPSJDq1Kko8+MTWJB0LpIH4o+lrmvjTlPRSgMboS3jQnFkxJOtWMq8UFU4=
last-modified
Mon, 23 Aug 2021 23:30:15 GMT
server
cloudflare
etag
W/"093f405bc41723c43486a657a0e1a173"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxX19lnQwo0wokSTUw9a1Rm34OiMRROBGdz7xOLXWv27izGhK1xNntOfWvdXkxYvbytztKQYYCfQiwOuFUxcLRMJBf1IgsbRJhIRdtnS06odDguc5L6Gjh1nLaCJdOSYLaMkqp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
wY3FbPeO1JSLC6dhSs9NxsYVyHmXlIn9
cf-ray
694e655cde3b4315-FRA
expires
Tue, 23 Aug 2022 23:30:13 GMT
config
mainsms.zendesk.com/embeddable/ Frame A76B
831 B
1 KB
XHR
General
Full URL
https://mainsms.zendesk.com/embeddable/config
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d18a4f698085a553676aa2162095dba96210ff895050bf06124cf5f9b282646
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg
yes
x-zendesk-origin-server
embeddable-app-server-7c7448ff9b-mtrp9
access-control-allow-methods
GET
vary
Origin, Accept-Encoding
x-cached
MISS
x-request-id
694e655d7b24d6bd-SEA, 694e655d7b24d6bd-SEA
x-runtime
0.001338
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjXgVOKC1aJevDhq%2BYezyQZbYLCORE7dzvDlcSz3fyzHGLdyurFjJ6UJrTZx8Jv3OZIygZh4td0AajmJs3aftJ3%2BxoYEls4nhY57FsiMAPIwfbrmXhVORBjNXBKBxCGroL6zgsc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
694e655d7b24d6bd-FRA
de-de-json-d7ee6cb4b3f57aabe16b.js
static.zdassets.com/web_widget/latest/web-widget-locales/ Frame B915
37 KB
9 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-locales/de-de-json-d7ee6cb4b3f57aabe16b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eec770ee4b030f00ca9d9eb8bc28d9e7c7e858e3ac315cb92a05ff9f0e6b990a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
568532
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
C54RYEY0GNGYVB0W
x-amz-id-2
RThDjIV8MVLASR36XpDFYEPBQhHWm7FHdST+ml6bpeGCoY8XABbZLywvvIHMmoMB+YnGjbtNFY8=
last-modified
Mon, 20 Sep 2021 03:46:48 GMT
server
cloudflare
etag
W/"811ba5198de03eb639ced23b0c55e764"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oG%2Bhzz0m5uSDxQEfpnEUhR7fh2Wxpw9va%2B6%2FiZqOwuYGIZiv7E2Vh3ZGqWlQdgw9QzW9a6phD8iJ9BxPfZ8OqQ5U2PuSYHMO9zEqCTOA3ZPNj9tyUV0bAQPOwM%2FiBfymxteXFY0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Ad26HWM94n9oSNA2XO5q9d8tXRaFBL8q
cf-ray
694e655ecbbc4315-FRA
expires
Tue, 20 Sep 2022 03:46:47 GMT
web-widget-7487-813b8c77d5c0e8d0d00a.js
static.zdassets.com/web_widget/latest/ Frame B915
340 KB
104 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-7487-813b8c77d5c0e8d0d00a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce84019b653e1ad1664c5a85b1d0263a4e4e9223d5070f3a60c65e363406719a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23323
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
QYQM0E70QGHCFB2W
x-amz-id-2
73YkqsuaQuQouNKAJNmd9CYRpz95lz5ew7jn31aI//rFfG4WhCepV9jPj5+j+trCfNeAKAro5KM=
last-modified
Mon, 13 Sep 2021 23:45:48 GMT
server
cloudflare
etag
W/"b09bbdba067caac0d4cefb3cc1142b84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9sZeqpoMAg%2BPD4YfoV5jvIlu05RFHarhzooJVCmjPpQsbaJXdK6NoFHLPXF6RXL9qZMc4o%2FsM1T7M6%2FZ%2FjUaqMToebH%2FZUD82YRbjBGnfkgq%2FJkqmdEhY5UoTzS7%2FkOxhIARmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
uS5dZl.YNc6jj_t0cS60aE2lFJFk5MUV
cf-ray
694e655ecbc14315-FRA
expires
Tue, 13 Sep 2022 23:45:47 GMT
web-widget-2765-b06562d67a25c346a78a.js
static.zdassets.com/web_widget/latest/ Frame B915
81 KB
22 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-2765-b06562d67a25c346a78a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d1cd4d430e5cef6f3e30e994df78ab3b937295b5bc69900a3f05e73424fb9e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1018051
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
QYQHM1QNYA499P06
x-amz-id-2
pa0g6ApCgS/+jXCeilPIWv7QwYYuEvV5aW001nS6JgjsCWL+ovvF0P60U1v0o1SoJDD/9i6ALrI=
last-modified
Mon, 13 Sep 2021 23:45:49 GMT
server
cloudflare
etag
W/"0bc1a1b4bd1a31033986b000da94d291"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvvNZgYdsAwdx887RLOrz2y5zZzbbLV7dcAEM3FaWEcGKYIe2R16PtUyujE1AkqSgBdPqmvHonEOnVmWh8ntUjGlrkIQ%2BNuDKx1KvZZjUjH20IlcmZn52Lfaz2XCxUSqbouI%2Bms%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
A1v2De1d.Np63il34KlS.L5PoKQUdcZa
cf-ray
694e655ecbc64315-FRA
expires
Tue, 13 Sep 2022 23:45:47 GMT
web_widget-945b35e58f786cf38aa6.js
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame B915
419 KB
91 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-945b35e58f786cf38aa6.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c395d504fb7a48bf0331277cfbd02463fe12e2a299c03c58957be2cccbe53540
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1679
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
C54MY2XQ2Y223YP0
x-amz-id-2
Fxe0iIQjuLUItO8iTkrGzDLbs3FlFqqXhaI/7bI+fKQsXJnHBRoQ7YDxqRLThnMgBCqrhGWJqtE=
last-modified
Mon, 20 Sep 2021 03:45:54 GMT
server
cloudflare
etag
W/"68ed4c61becc367ee01cafbf4cb0c6c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gex%2ByfsvcUorSeGd8fN4%2FTkpdA%2Bp4zLVF7oq%2BHcWPpba8nSV9IWeUo6xJBQ3gX81PNhOwOsZIHpX726PAGYD4TlOLz0O5TfQC2wMvTeA9wr%2FHAqM5YrHaMSGfhwXyYJEOFFHBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
KAn5UqkYYSyktntPcUhTA9XmloUei0lV
cf-ray
694e655ecbc94315-FRA
expires
Tue, 20 Sep 2022 03:45:53 GMT
embeddable_blip
mainsms.zendesk.com/ Frame B915
0
325 B
XHR
General
Full URL
https://mainsms.zendesk.com/embeddable_blip?type=analytics&data=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
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a0e3c94c555a139ce02.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:10 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pFZ8IYLKjjazdo7qWqRfMC5CKPvpCkYaG1wVw%2B0mj%2FE2DmRchd9dfila1WUzNJFqOkjgmhnNyMExySkjU3qHJ%2B5R0S8aATV33H%2FK6BibNDu1sWcwcoOMiPRWlcZ92If3XRgnUI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://invoice.99p.ru
accept-ranges
bytes
cf-ray
694e655f6da4d6bd-FRA
vary
Accept-Encoding
content-length
0
x-request-id
280b14a101ff86f0f32405314df56038
embeddable_blip
mainsms.zendesk.com/ Frame B915
0
282 B
XHR
General
Full URL
https://mainsms.zendesk.com/embeddable_blip?type=pageView&data=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%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a0e3c94c555a139ce02.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:10 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sAIO5KVumtb7nAW7T7Gruivib8mOOMaLb6BU0e58K4sK%2FgCyQDcQQv39Ma3GH3DUpBwo%2B5MLAFsf8HBUAhGHn336dPQg%2FExWlnz7SaN7D4HEQ7s2bnBQm87h8M%2ByQTXN8Dk2ZU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://invoice.99p.ru
accept-ranges
bytes
cf-ray
694e655f9e0bd6bd-FRA
vary
Accept-Encoding
content-length
0
x-request-id
b297d5945fef738ce28376b2093deaf4
web-widget-chat-incoming-message-notification-bdfd1edd38ba2ec92175.js
static.zdassets.com/web_widget/latest/ Frame B915
337 B
955 B
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-chat-incoming-message-notification-bdfd1edd38ba2ec92175.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3ab89bc8d4feb680748ba773ff13a07c2db610c1308ec9c12040aa9b65d46b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:01:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4412905
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
9AW2YY408XKP0231
x-amz-id-2
fGF32ljqWCA8gjtXkLN42kSJahmTO/DUTZOgF/jjvedL3OXevEaJ64pndhlimfkF8//j4AFGC30=
last-modified
Fri, 06 Aug 2021 01:28:06 GMT
server
cloudflare
etag
W/"200371227ff3b0fb85badb2d2faef3b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRkNp%2FOeM3KfiMjyeh4Nr0M06%2FY3d5QQqUtLgcHDbOd5ZG%2BiNepJfXSNRk5St9B8qChqeiPaK2LTk7Dh32c2fnomYJpJqE5kGCHi0xXbFT64c7IGiYBkfKj%2FDYRd%2FU%2BkYdXV3HU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
AUc5ye9EUODlEErT0NHTaToq3MoNYX1U
cf-ray
694e6561dbf54315-FRA
expires
Sat, 06 Aug 2022 01:28:05 GMT
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/ Frame B915
19 KB
20 KB
Media
General
Full URL
https://static.zdassets.com/web_widget/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 26 Sep 2021 18:01:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9QCA9SEAPK7F65CG
x-amz-server-side-encryption
AES256
cf-ray
694e65620c6d4315-FRA
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
0Gai7NIR4tOer8xbm+kg9FqA2YvRWPyvZpoWpFq/dEthWAZEoBD1XFfyj72kFBw6luQGWiuT9GY=
last-modified
Thu, 23 Sep 2021 08:42:25 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8LQkhm3PyOsBo7P6lT7WTpBwrdqx3oibgoYZCP4l8vWPhZd1bDGdnI0e5TWUgkqfa8kfByM7yva6qyc43a33RIEfsowsB8ogsnv8Fr0NQA%2FC3d2ye9Dm8XQrlAxslY92Y2p88U%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
m_ClK9mQYxvfgpg2kDuEV00rXLbT_pg.
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
audio/mpeg; charset=utf-8
expires
Fri, 23 Sep 2022 08:42:24 GMT
50923805
mc.yandex.com/webvisor/
43 B
148 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/50923805?wmode=0&wv-part=1&wv-hit=625020684&page-url=https%3A%2F%2Finvoice.99p.ru%2F&rn=420629741&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632679272%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210926180111%3Au%3A1632679269979593601%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632679272
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://invoice.99p.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 18:01:11 GMT
last-modified
Sun, 26-Sep-2021 18:01:11 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://invoice.99p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 26-Sep-2021 18:01:11 GMT
50923805
mc.yandex.com/webvisor/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/50923805?wmode=0&wv-part=1&wv-hit=625020684&page-url=https%3A%2F%2Finvoice.99p.ru%2F&rn=294255619&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1632679272%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210926180111%3Au%3A1632679269979593601%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632679272
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://invoice.99p.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 18:01:11 GMT
last-modified
Sun, 26-Sep-2021 18:01:11 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://invoice.99p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 26-Sep-2021 18:01:11 GMT


11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| onbeforexrselect
boolean| originAgentCluster
function| zEmbed
function| zE
object| Ya
object| yaCounter50923805
boolean| zEACLoaded
function| $zopim

16 Cookies

Domain/Path Name / Value
invoice.99p.ru/ Name: d
Value: 0
invoice.99p.ru/ Name: n
Value: Etc/Unknown
invoice.99p.ru/ Name: PHPSESSID
Value: rdgsd6sp9m9ljgnr9du7a5ukk4
.99p.ru/ Name: _ym_uid
Value: 1632679269979593601
.99p.ru/ Name: _ym_d
Value: 1632679269
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 412878391fake
.99p.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3575313894fake
.yandex.com/ Name: yandexuid
Value: 167934901632679269
.yandex.com/ Name: yuidss
Value: 167934901632679269
mc.yandex.com/ Name: yabs-sid
Value: 1210549201632679269
.yandex.com/ Name: i
Value: DkD/xP4KjhjrZIx4xiftn/7KXiJWBNMH3XAhHYlLNXKytODIBcIKZPTtXuwk4GD9d8JLxu4C3K+uDlWFelhIPA41v+c=
.yandex.com/ Name: ymex
Value: 1664215269.yrts.1632679269#1664215269.yrtsi.1632679269
.99p.ru/ Name: _ym_visorc
Value: w
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: ZGkucD4krnslT72L5RYFTAGDEHsod7RI3UAPMrFnrRst0ctId4vxmPMMvJl4FfYNysEqrbzIWNOQqr10cZNqfXmKi+d/RGWl5npnXHlZTyeJhpTv+phBHR6sOTNV
.99p.ru/ Name: __zlcmid
Value: 16GkMQFbID3ilp6

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9408.VNcQB1ZcSnUyKAmuWk4Y22OoTirqD9K20VFz5rNzdc2lP7zYCf7UyZWRm-d2i2GV9MgBmk_2zgK62EwGWtjKSQ%2C%2C.UDHqhPiyDap2pHIUexfuc9X8j-I%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
