45.147.197.153 Open in urlscan Pro
45.147.197.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://45.147.197.153/
Submission Tags: krdtest
Submission: On January 27 via api (January 27th 2022, 8:32:08 am UTC) from JP — Scanned from JP

Summary HTTP 112 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 34 IPs in 9 countries across 38 domains to perform 112 HTTP transactions. The main IP is 45.147.197.153, located in Netherlands and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is 45.147.197.153.
TLS certificate: Issued by on March 28th 2018. Valid for: 10 years.

This is the only time 45.147.197.153 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	45.147.197.153 45.147.197.153	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
1	2404:6800:400... 2404:6800:4004:81e::200a	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:90c0:999... 2a03:90c0:9995::9995	199524 (GCORE) (GCORE)
3	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
1 5	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
4	142.251.42.194 142.251.42.194	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:824::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (YNDX) (YNDX)
1 8	203.195.121.142 203.195.121.142	7979 (SERVERS-COM) (SERVERS-COM)
6	2404:6800:400... 2404:6800:4004:80c::2003	15169 (GOOGLE) (GOOGLE)
17	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	2404:6800:400... 2404:6800:4004:81f::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:808::2002	15169 (GOOGLE) (GOOGLE)
1	151.236.92.146 151.236.92.146	204720 (CDNETWORKS) (CDNETWORKS)
5 6	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	3.115.90.45 3.115.90.45	16509 (AMAZON-02) (AMAZON-02)
2 2	193.232.150.45 193.232.150.45	48061 (UMA-TECH-AS) (UMA-TECH-AS)
8 10	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	209.191.163.210 209.191.163.210	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
3 3	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
2 2	107.178.244.193 107.178.244.193	15169 (GOOGLE) (GOOGLE)
1 1	52.69.231.228 52.69.231.228	16509 (AMAZON-02) (AMAZON-02)
1 2	88.99.149.88 88.99.149.88	24940 (HETZNER-AS) (HETZNER-AS)
1 1	138.201.139.144 138.201.139.144	24940 (HETZNER-AS) (HETZNER-AS)
1 2	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 3	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
3 3	217.66.147.165 217.66.147.165	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1 1	23.36.110.226 23.36.110.226	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.10.15.201 23.10.15.201	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 9	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	213.19.162.80 213.19.162.80	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	142.250.196.130 142.250.196.130	15169 (GOOGLE) (GOOGLE)
1 1	103.229.206.240 103.229.206.240	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2406:da18:929... 2406:da18:929:5a00:418f:227e:8fb9:f91	16509 (AMAZON-02) (AMAZON-02)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	2406:2000:a4:... 2406:2000:a4:9fe::1	10230 (YAHOO-SG ...) (YAHOO-SG internet content provider)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 2	2001:6d0:4001... 2001:6d0:4001::226	() ()
1	2606:4700:10:... 2606:4700:10::6816:37ce	() ()
1	51.79.234.100 51.79.234.100	() ()
112	34

27 45.147.197.153 (Netherlands)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: vm1670795.nvme.had.yt

45.147.197.153	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81e::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:80b::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80f::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:90c0:9995::9995 (Singapore)

ASN199524 (GCORE, LU)

cdn.adfinity.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:20::215 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.42.194 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 203.195.121.142 (Singapore) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:80c::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81f::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:808::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.92.146 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.213.12.39 (Tokyo, Japan) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.115.90.45 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-115-90-45.ap-northeast-1.compute.amazonaws.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.45 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp18.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 31.172.81.159 (Muehlheim am Main, Germany) 8 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.191.163.210 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Kyiv, Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.202.26 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.244.193 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.69.231.228 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-231-228.ap-northeast-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.149.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dmc-test-dn3

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.139.144 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.144.139.201.138.clients.your-server.de

cm.p.altergeo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.69.133.145 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.119.28 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.66.147.165 (St Petersburg, Russian Federation) 3 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-165-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.193.58.13 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.110.226 (Tokyo, Japan) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-110-226.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.10.15.201 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-10-15-201.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 8.39.36.141 (Los Angeles, United States) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.80 (United Kingdom) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.196.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.240 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a00:418f:227e:8fb9:f91 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2000:a4:9fe::1 (Tokyo, Japan)

ASN10230 (YAHOO-SG internet content provider, SG)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (None, ) 1 redirects

ASN- ()

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:37ce (None, )

ASN- ()

sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.79.234.100 (None, )

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	relap.io relap.io — Cisco Umbrella Rank: 29912 s.relap.io — Cisco Umbrella Rank: 521648	175 KB
13	rubiconproject.com 6 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095 eus.rubiconproject.com — Cisco Umbrella Rank: 541 token.rubiconproject.com — Cisco Umbrella Rank: 689 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2741 pixel.rubiconproject.com — Cisco Umbrella Rank: 312	17 KB
10	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1452 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 33454 mc.yandex.ru — Cisco Umbrella Rank: 2853 an.yandex.ru — Cisco Umbrella Rank: 3286	231 KB
9	betweendigital.com 1 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1818 cache.betweendigital.com — Cisco Umbrella Rank: 19174	6 KB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	151 KB
6	bumlam.com 4 redirects sync.bumlam.com — Cisco Umbrella Rank: 2736	2 KB
6	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	3 KB
6	gstatic.com fonts.gstatic.com	78 KB
5	yastatic.net 1 redirects yastatic.net — Cisco Umbrella Rank: 6518	152 KB
4	mts.ru 4 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 34403 tech.rtb.mts.ru — Cisco Umbrella Rank: 35053	3 KB
4	adsniper.ru 4 redirects sync3.adsniper.ru — Cisco Umbrella Rank: 12418	2 KB
3	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13701	1 KB
3	mookie1.com 3 redirects odr.mookie1.com — Cisco Umbrella Rank: 890	2 KB
3	adfinity.pro cdn.adfinity.pro — Cisco Umbrella Rank: 317594	7 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100	205 KB
2	tns-counter.ru 1 redirects www.tns-counter.ru	707 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 560	633 B
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470 ads.yahoo.com — Cisco Umbrella Rank: 913	1 KB
2	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 10227	2 KB
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 12235	777 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 419	977 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 690	1 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 10726	822 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5289	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	onetag-sys.com onetag-sys.com	823 B
1	connectad.io sync-eu.connectad.io	266 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 738	448 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 421	656 B
1	konnektu.ru 1 redirects pixel.konnektu.ru — Cisco Umbrella Rank: 94580	262 B
1	altergeo.ru 1 redirects cm.p.altergeo.ru — Cisco Umbrella Rank: 47755	523 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 442	373 B
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 202062	311 B
1	google.com adservice.google.com — Cisco Umbrella Rank: 80	549 B
1	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 41946	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	416 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
112	38

	Domain	Requested by
16	relap.io	srcdoc relap.io
8	ads.betweendigital.com	1 redirects yandex.ru 45.147.197.153 yastatic.net eus.rubiconproject.com
6	sync.bumlam.com	4 redirects 45.147.197.153
6	x.bidswitch.net	5 redirects 45.147.197.153
6	fonts.gstatic.com	fonts.googleapis.com
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	yastatic.net	1 redirects yandex.ru
4	pixel.rubiconproject.com	eus.rubiconproject.com
4	mc.yandex.ru	1 redirects 45.147.197.153
4	sync3.adsniper.ru	4 redirects
3	cm.g.doubleclick.net	1 redirects eus.rubiconproject.com
3	sm.rtb.mts.ru	3 redirects
3	x01.aidata.io	2 redirects srcdoc
3	odr.mookie1.com	3 redirects
3	securepubads.g.doubleclick.net	45.147.197.153 securepubads.g.doubleclick.net
3	yandex.ru	45.147.197.153
3	cdn.adfinity.pro	45.147.197.153
3	pagead2.googlesyndication.com	45.147.197.153 pagead2.googlesyndication.com
2	www.tns-counter.ru	1 redirects 45.147.197.153
2	sync-tm.everesttech.net	2 redirects
2	eus.rubiconproject.com	cache.betweendigital.com eus.rubiconproject.com
2	top-fwz1.mail.ru	1 redirects srcdoc
2	sync.1dmp.io	1 redirects relap.io
2	pixel.tapad.com	2 redirects
2	an.yandex.ru	yastatic.net 45.147.197.153
2	ap.lijit.com	2 redirects
2	px.adhigh.net	2 redirects
2	pool.admedo.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	onetag-sys.com	cache.betweendigital.com
1	sync-eu.connectad.io	45.147.197.153
1	ads.yahoo.com	eus.rubiconproject.com
1	id.rlcdn.com	eus.rubiconproject.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	pixel-eu.rubiconproject.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	pixel.konnektu.ru	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	cm.p.altergeo.ru	1 redirects
1	s.relap.io	relap.io
1	aa.agkn.com	1 redirects
1	c.hit.ua	45.147.197.153
1	cache.betweendigital.com	ads.betweendigital.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.jp	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	matchid.adfox.yandex.ru	yandex.ru
1	www.googletagmanager.com	45.147.197.153
1	fonts.googleapis.com	45.147.197.153
112	51

This site contains links to these domains. Also see Links.

Domain
knigi-for.me
hit.ua

Subject Issuer	Validity	Valid
	`2018-03-28` - `2028-03-25`	10 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.adfinity.pro Sectigo RSA Domain Validation Secure Server CA	`2021-12-16` - `2022-12-16`	a year	crt.sh
yandex.ru Yandex CA	`2021-08-30` - `2022-02-28`	6 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2021-08-26` - `2022-02-18`	6 months	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
relap.io GeoTrust RSA CA 2018	`2021-08-26` - `2022-09-26`	a year	crt.sh
*.google.co.jp GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-24` - `2023-02-24`	a year	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.hit.ua R3	`2022-01-20` - `2022-04-20`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
sync.1dmp.io R3	`2021-12-12` - `2022-03-12`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://45.147.197.153/
Frame ID: 5C99E1A5A553DAF06F50DAA414D71769
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20190131/zrt_lookup.html
Frame ID: 90E68F0B58A17D46B6A6C43846CD7C12
Requests: 1 HTTP requests in this frame

Frame: https://relap.io/v7/relap.js
Frame ID: E542840AABAA8A0ADBCDB2201643D4A0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&adk=1812271804&adf=3025194257&lmt=1643272320&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F45.147.197.153%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643272317983&bpp=2051&bdt=211&idt=2241&shv=r20220125&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8308117961566&frm=20&pv=2&ga_vid=1649886428.1643272320&ga_sid=1643272320&ga_hid=1905789894&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064215&oid=2&pvsid=2142504922673794&pem=90&tmod=691849559&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2254
Frame ID: DC3479D2A0934AEC020E8EBA72CA9C8A
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e7e2db56-bebc-541b-9848-f310f9baab90&CACHEBUSTER=276414
Frame ID: B5B360C3F7029886751FA9817393EFA0
Requests: 6 HTTP requests in this frame

Frame: https://sync.1dmp.io/supersync?t=9a2ba8b1-7f4b-11ec-a15e-901b0e8d6a9d
Frame ID: 475AEFB0E982B102ED1588E45105235D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: B294B4216CD8DB429EDAD5E82641CC4C
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: EC1F73F9643ADDDBB4976E754FC08B19
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Knigi-For.me: Электронная библиотека деловой и учебной литературы. Читаем онлайн.

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

112
Requests

54 %
HTTPS

38 %
IPv6

38
Domains

51
Subdomains

34
IPs

9
Countries

2237 kB
Transfer

4668 kB
Size

62
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://knigi-for.me/books.html
Title: Библиотека

Search URL Search Domain Scan URL

URL: http://knigi-for.me/
Title: Knigi-for.me

Search URL Search Domain Scan URL

URL: http://knigi-for.me/books/love-
Title: любовные романы

Search URL Search Domain Scan URL

URL: http://knigi-for.me/books/detektivy-i-trillery
Title: детектив

Search URL Search Domain Scan URL

URL: http://knigi-for.me/books/dokumentalnye-knigi
Title: документальную книгу

Search URL Search Domain Scan URL

URL: http://hit.ua/?x=41058
Title:     <img src='//c.hit.ua/hit?i=41058&g=0&x=2' border='0'/>

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://yastatic.net/pcode/adfox/header-bidding.js HTTP 302
https://yandex.ru/ads/system/header-bidding.js

Request Chain 36

https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=6204940002 HTTP 302
https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=6204940002&crf=1

Request Chain 58

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=c8680cc8-3200-412e-ba6a-87a80ac1af83 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=c8680cc8-3200-412e-ba6a-87a80ac1af83 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f0b6c5c7-d31b-4157-a40e-3a4d6c914648&user_group=1&ssp=between&bsw_param=c8680cc8-3200-412e-ba6a-87a80ac1af83 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=c8680cc8-3200-412e-ba6a-87a80ac1af83

Request Chain 59

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=gPiJN9tqAt8.AikABlF-mqm3Rw

Request Chain 60

https://sync.bumlam.com/?src=bw1&uid=e7e2db56-bebc-541b-9848-f310f9baab90 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiBscmPBlIFvp7KygpiJGU3ZTJkYjU2LWJlYmMtNTQxYi05ODQ4LWYzMTBmOWJhYWI5MA** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiBscmPBlIFvp7KygpiJGU3ZTJkYjU2LWJlYmMtNTQxYi05ODQ4LWYzMTBmOWJhYWI5MKIBEJnKrIZ_SxHspukAJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiBscmPBmIkZTdlMmRiNTYtYmViYy01NDFiLTk4NDgtZjMxMGY5YmFhYjkwogEQmcqshn9LEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiBscmPBmIkZTdlMmRiNTYtYmViYy01NDFiLTk4NDgtZjMxMGY5YmFhYjkwogEQmcqshn9LEeym6QAlkMgkNw**

Request Chain 61

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=d64370dfc6fe7839ed35e0d1

Request Chain 79

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c8680cc8-3200-412e-ba6a-87a80ac1af83&ssp=between&gdpr=&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10527304867929609306&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dbetween%26gdpr_consent%3D%26gdpr%3D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10527304867929609306&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dbetween%26gdpr_consent%3D%26gdpr%3D HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=743e3544-8c38-444c-b038-ebbd9750e71d&ssp=between&gdpr_consent=&gdpr= HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=164561104044001165854&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=419&user_id=10527304867929609306&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=

Request Chain 80

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiCscmPBlIFl4XSlAY* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiCscmPBlIFl4XSlAaiARCZ7TC8f0sR7KbpACWQyCQ3 HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQABiCscmPBqIBEJntMLx_SxHspukAJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARiCscmPBqIBEJntMLx_SxHspukAJZDIJDc*

Request Chain 86

https://sync.1dmp.io/supersync?pid=w&o=ns&cid=d532925e-370a-4913-9238-e8b91206247f&brid=3fdc8267-2323-4ff5-80fe-dc2813a9742e&uid=5f6SafHr HTTP 302
https://sync.1dmp.io/supersync?t=9a2ba8b1-7f4b-11ec-a15e-901b0e8d6a9d

Request Chain 87

https://cm.p.altergeo.ru/relap?aid=5f6SafHr&nc=jIaRmXUv&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
https://relap.io/partners/altergeocs?uid=CMLktcFWS5SKupflIxX2eSug==

Request Chain 88

https://top-fwz1.mail.ru/counter?id=3136989;js=na HTTP 302
https://top-fwz1.mail.ru/counter2?id=3136989;js=na

Request Chain 89

https://x01.aidata.io/0.gif?pid=RELAP&id=5f6SafHr HTTP 302
https://x01.aidata.io/0.gif?pid=RELAP&id=5f6SafHr&bounce=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=aidata&id=9b%2F1jjVEM8XlBdesVw0afA HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=51&exu=9b%2F1jjVEM8XlBdesVw0afA HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=5a9f5a50-a512-47d9-a164-de31cf05aa34&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D1%2526ssp%253Dkonnektu%2526exu%253D9b%25252F1jjVEM8XlBdesVw0afA%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3D9b%252F1jjVEM8XlBdesVw0afA%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=9b%2F1jjVEM8XlBdesVw0afA&id= HTTP 301
https://x01.aidata.io/0.gif?pid=9503528&uid=5a9f5a50-a512-47d9-a164-de31cf05aa34&exu=9b%!F(string=%20%20)1jjVEM8XlBdesVw0afA

Request Chain 90

https://mc.yandex.ru/watch/65503507?wmode=7&page-url=https%3A%2F%2F45.147.197.153%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqe375y9e67%3Afp%3A4021%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1586014706684%3Ahid%3A282899591%3Az%3A0%3Ai%3A20220127083202%3Aet%3A1643272322%3Ac%3A1%3Arn%3A560173721%3Arqn%3A1%3Au%3A1643272322373704400%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643272316047%3Ads%3A0%2C93%2C1627%2C387%2C0%2C0%2C%2C2801%2C0%2C%2C%2C%2C4909%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643272322%3At%3AKnigi-For.me%3A%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B8%D0%B1%D0%BB%D0%B8%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D0%B4%D0%B5%D0%BB%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B8%20%D1%83%D1%87%D0%B5%D0%B1%D0%BD%D0%BE%D0%B9%20%D0%BB%D0%B8%D1%82%D0%B5%D1%80%D0%B0%D1%82%D1%83%D1%80%D1%8B.%20%D0%A7%D0%B8%D1%82%D0%B0%D0%B5%D0%BC%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD.&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/65503507/1?wmode=7&page-url=https%3A%2F%2F45.147.197.153%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqe375y9e67%3Afp%3A4021%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1586014706684%3Ahid%3A282899591%3Az%3A0%3Ai%3A20220127083202%3Aet%3A1643272322%3Ac%3A1%3Arn%3A560173721%3Arqn%3A1%3Au%3A1643272322373704400%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643272316047%3Ads%3A0%2C93%2C1627%2C387%2C0%2C0%2C%2C2801%2C0%2C%2C%2C%2C4909%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643272322%3At%3AKnigi-For.me%3A%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B8%D0%B1%D0%BB%D0%B8%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D0%B4%D0%B5%D0%BB%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B8%20%D1%83%D1%87%D0%B5%D0%B1%D0%BD%D0%BE%D0%B9%20%D0%BB%D0%B8%D1%82%D0%B5%D1%80%D0%B0%D1%82%D1%83%D1%80%D1%8B.%20%D0%A7%D0%B8%D1%82%D0%B0%D0%B5%D0%BC%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD.&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 94

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 97

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=KYWPWX5C-6-5C3M HTTP 302
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=KYWPWX5C-6-5C3M

Request Chain 98

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE0NzEwMmJmZTVlNzdjNmU0YjcyMzgwNmYwYTIyY2UyNDQzNzI4Yw

Request Chain 99

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b62961f2-5885-4100-9426-24899c97d7ec

Request Chain 100

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/ymZ6FSf74wgQk1scK_tc0w?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1467206556342711728

Request Chain 102

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYWPWX5C-6-5C3M&sigv=1&esig=2~0e799e6a353c32f37855f86b29a57f7b21f8e877

Request Chain 103

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXUFdYNUMtNi01QzNN

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECca9yy_f_Rx9HD5DxmLKIo&google_cver=1

Request Chain 105

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfJYhQABqOjwYQBH HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfJYhQABqOjwYQBH&_test=YfJYhQABqOjwYQBH

Request Chain 106

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/276414 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/276414

Request Chain 107

https://x.bidswitch.net/sync?dsp_id=429&user_id=e7e2db56-bebc-541b-9848-f310f9baab90&expires=60 HTTP 302
https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=c8680cc8-3200-412e-ba6a-87a80ac1af83

Request Chain 109

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fe7e2db56-bebc-541b-9848-f310f9baab90 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/e7e2db56-bebc-541b-9848-f310f9baab90

112 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
45.147.197.153/ 108 KB
109 KB 1721ms
1628ms Document
text/html 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard / PHP/7.1.33
Resource Hash: b1f01cb8ad829c32b9b864a3c53e361b30bc7770ce4cf7c42d9b7922f016056b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

server: ddos-guard
date: Thu, 27 Jan 2022 08:31:57 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 79ms
40ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic

Requested by

Host: 45.147.197.153
URL: https://45.147.197.153/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4c4f3c64a6fffe7e6ffd9217a92f6b97a45daafba2565a23938d14bde893f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 08:26:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Jan 2022 08:31:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jan 2022 08:31:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 142ms
67ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 45.147.197.153
URL: https://45.147.197.153/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8556c63df112979402a23d5878d6cc30309c8447ca2fbad6ce147bb732e52255

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51934
x-xss-protection: 0
server: cafe
etag: 2287928993812739316
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 08:31:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 124ms
48ms Script
application/javascript 2404:6800:4004:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-61640477-6

Requested by

Host: 45.147.197.153
URL: https://45.147.197.153/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cdfbc512d5bdb0cadeb7dd2a9bee536043615c65d0ce93aa770c2119a2c3d6ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35991
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 08:32:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 88ms
50ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1618592205083780

Requested by

Host: 45.147.197.153
URL: https://45.147.197.153/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af3d1a33c516417bd9c86d4618e91ef85fa7f155937cf4ce29945c9a74b6e739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45.147.197.153/
Origin: https://45.147.197.153
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52489
x-xss-protection: 0
server: cafe
etag: 8817845145557316929
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 08:32:00 GMT

GET
H2 200 bootstrap.css
45.147.197.153/assets/e124f022/css/ 143 KB
143 KB 1575ms
1574ms Stylesheet
text/css 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://45.147.197.153/assets/e124f022/css/bootstrap.css
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:31:59 GMT
last-modified: Wed, 08 Jul 2020 08:51:38 GMT
server: ddos-guard
etag: "23a0d-5a9ea3747c971"
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 145933
expires: Sat, 26 Feb 2022 08:31:59 GMT

GET
H2 200 styles.css
45.147.197.153/css/ 44 KB
44 KB 1673ms
1672ms Stylesheet
text/css 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://45.147.197.153/css/styles.css?v=0.2
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 94f5256c30756a47b69c430f810b57dab395331ebd8e4bb2ecba355da9e0ebf9

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:31:59 GMT
last-modified: Tue, 21 Sep 2021 19:32:11 GMT
server: ddos-guard
etag: "ae5d-5cc8674448318"
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 44637
expires: Sat, 26 Feb 2022 08:31:59 GMT

GET
H2 200 engine.css
45.147.197.153/css/ 64 KB
64 KB 976ms
975ms Stylesheet
text/css 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://45.147.197.153/css/engine.css?v=0.1
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 0e7624e479f2ca1914a75398a2b6fa19878660ff35e2a187ec0eb6cdcee9324e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:31:58 GMT
last-modified: Tue, 21 Sep 2021 19:38:45 GMT
server: ddos-guard
etag: "fee9-5cc868bb78c9f"
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 65257
expires: Sat, 26 Feb 2022 08:31:58 GMT

GET
H2 200 frameworks.css
45.147.197.153/css/ 47 KB
47 KB 1440ms
1440ms Stylesheet
text/css 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://45.147.197.153/css/frameworks.css
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: bc3a5f523fa206bd7c75f79d53076ea678645acb757e412f8ae437bad377d430

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:31:58 GMT
last-modified: Tue, 07 Jul 2020 19:43:48 GMT
server: ddos-guard
etag: "bae9-5a9df35be0500"
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 47849
expires: Sat, 26 Feb 2022 08:31:58 GMT

GET
H2 200 adfinity_1.1.css
cdn.adfinity.pro/foralls/ 4 KB
1 KB 464ms
7ms Stylesheet
text/css 2a03:90c0:9995::9995
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adfinity.pro/foralls/adfinity_1.1.css
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0a26812cc6764a9936425a3a51e220413328849eb2dcd4b6c7f7d16c1ea245b0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: cc1-up-gc16
date: Thu, 27 Jan 2022 08:31:58 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 09:41:08 GMT
server: nginx
etag: W/"61f11734-1185"
x-cached-since: 2022-01-27T05:38:28+00:00
content-type: text/css
cache: HIT

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 161 KB
43 KB 721ms
248ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: 45.147.197.153
URL: https://45.147.197.153/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a71b1b5fbccbb4c3a48571939dac528c22d28dd42f041dd8efee6e681ebd7ba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1643272318402274-11923666365162885774-man1-2841-9d4-man-l7-balancer-8080-BAL-3071
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 27 Jan 2022 09:31:58 GMT

GET
H2 200 adfinity_1.1.js Show response
cdn.adfinity.pro/foralls/ 12 KB
5 KB 461ms
4ms Script
application/javascript 2a03:90c0:9995::9995
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adfinity.pro/foralls/adfinity_1.1.js
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: bfa8c35cc60a807de0c048b197a19270e04e580e9771fc220c8e01c514f8c212

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: cc1-up-gc27
date: Thu, 27 Jan 2022 08:31:58 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 11:41:20 GMT
server: nginx
etag: W/"61f13360-2e2a"
x-cached-since: 2022-01-27T05:38:28+00:00
content-type: application/javascript
cache: HIT

GET
H2 200 hbconfig.js Show response
cdn.adfinity.pro/partners/knigi-for.me/ 2 KB
632 B 462ms
6ms Script
application/javascript 2a03:90c0:9995::9995
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adfinity.pro/partners/knigi-for.me/hbconfig.js
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a9ced29a8ee972be8f31208c85f6f9d4158f1add53a255fbacf684736cff122c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: cc1-up-gc17
date: Thu, 27 Jan 2022 08:31:58 GMT
content-encoding: gzip
last-modified: Wed, 22 Dec 2021 09:09:38 GMT
server: nginx
etag: W/"61c2eb52-79f"
x-cached-since: 2022-01-27T03:43:59+00:00
content-type: application/javascript
cache: STALE

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 275 KB
75 KB 249ms
244ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: 45.147.197.153
URL: https://45.147.197.153/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

b2dd3526d9bbe77c9eb04636762b8546f36df4499c7c77b7d5767544725177ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1643272320161142-10429934136735711717-man1-2841-9d4-man-l7-balancer-8080-BAL-6367
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 27 Jan 2022 09:32:00 GMT

GET
H2

200

header-bidding.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/header-bidding.js
https://yandex.ru/ads/system/header-bidding.js

161 KB
42 KB

255ms
255ms

Script
text/javascript

2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: 45.147.197.153
URL: https://45.147.197.153/

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

c85f5a1c47e015e67ab335b47d581c645561e2664e3a257aa421e86470f42758

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1643272320811401-13009433330103699017-man1-2841-9d4-man-l7-balancer-8080-BAL-2486
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 27 Jan 2022 09:32:00 GMT

Redirect headers

date: Thu, 27 Jan 2022 08:32:00 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://yandex.ru/ads/system/header-bidding.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 88ms
48ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 45.147.197.153
URL: https://45.147.197.153/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

242d6485a362700f177f354c8c3d9f24b593179940cf3d54d52ff4e4676056ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27061
x-xss-protection: 0
server: sffe
etag: "1114 / 538 of 1000 / last-modified: 1643238406"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jan 2022 08:32:00 GMT

GET
H2 200 289098.jpg
45.147.197.153/books/289098/ 26 KB
27 KB 459ms
455ms Image
image/jpeg 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/books/289098/289098.jpg
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 5a0711978ec16c3c675cf046bdbda23447d7924d0092d415bc4f496ae50a615b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
last-modified: Fri, 30 Jul 2021 16:00:35 GMT
server: ddos-guard
etag: "69f9-5c85951e37fdb"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27129
expires: Sat, 26 Feb 2022 08:32:00 GMT

GET
H2 200 289097.jpg
45.147.197.153/books/289097/ 24 KB
24 KB 551ms
548ms Image
image/jpeg 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/books/289097/289097.jpg
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 39aed9fd5db6824ab7e8cdd0d2388d1922fff7626164848de5263b0abfd15e1a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
last-modified: Fri, 30 Jul 2021 16:00:26 GMT
server: ddos-guard
etag: "5e0c-5c859515dda0f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24076
expires: Sat, 26 Feb 2022 08:32:00 GMT

GET
H2 200 289096.jpg
45.147.197.153/books/289096/ 26 KB
26 KB 1612ms
1609ms Image
image/jpeg 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/books/289096/289096.jpg
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 3ef7f4810e2b4133e64caeaf324536530b649c8b7937bd907687397275bfb579

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
last-modified: Fri, 30 Jul 2021 16:00:21 GMT
server: ddos-guard
etag: "6654-5c8595117f02c"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 26196
expires: Sat, 26 Feb 2022 08:32:01 GMT

GET
H2 200 289095.jpg
45.147.197.153/books/289095/ 24 KB
24 KB 1413ms
1410ms Image
image/jpeg 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/books/289095/289095.jpg
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 6f83ab29b7c572f2cd1fd04ef69c8638134e5118d967a47538f621332baea4a8

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
last-modified: Fri, 30 Jul 2021 16:00:13 GMT
server: ddos-guard
etag: "6103-5c85950a159ba"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24835
expires: Sat, 26 Feb 2022 08:32:01 GMT

GET
H2 500 289094.jpg
45.147.197.153/books/289094/ 579 B
579 B 860ms
857ms Image
text/html 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/books/289094/289094.jpg
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 0fe50ec7d8c4a0423a924655a052545f189a0af2d5007fcfb4db918fe20d1865

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
server: ddos-guard
content-length: 579
content-type: text/html

GET
H2 200 no-image-knigaforme.jpg
45.147.197.153/books/ 61 KB
61 KB 1711ms
1709ms Image
image/jpeg 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/books/no-image-knigaforme.jpg
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 3047eed89ae9c763a86850da329a641b58c28c1627b34abc5ccf948311380c78

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
last-modified: Wed, 08 Jul 2020 13:15:01 GMT
server: ddos-guard
etag: "f2e0-5a9ede5348c66"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 62176
expires: Sat, 26 Feb 2022 08:32:01 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/ 283 KB
102 KB 76ms
73ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_fy2019.js?bust=31064215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

269e19cf2771f13a83636361458588ed73621684f28ec3a3cc51f03264941af9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104320
x-xss-protection: 0
server: cafe
etag: 10667079735252752543
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 08:32:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220125/r20190131/ Frame 90E6 10 KB
5 KB 40ms
2ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220125/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Wed, 26 Jan 2022 20:06:12 GMT
expires: Wed, 09 Feb 2022 20:06:12 GMT
cache-control: public, max-age=1209600
age: 44746
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 3777.jpg
45.147.197.153/books/3777/ 22 KB
22 KB 974ms
971ms Image
image/jpeg 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/books/3777/3777.jpg
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: d0abdbd997ebec75df931fbccff795fdaa697daccf6e09f1b3014ffb9ab2b0d5

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
last-modified: Wed, 08 Jul 2020 09:36:57 GMT
server: ddos-guard
etag: "57ec-5a9ead95680b9"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22508
expires: Sat, 26 Feb 2022 08:32:00 GMT

GET
H2 200 180731.jpg
45.147.197.153/books/180731/ 13 KB
13 KB 1079ms
1077ms Image
image/jpeg 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/books/180731/180731.jpg
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 1b4dbf1334d08a15c9cca9e17c0907a7b20df270c520cd6fedb6c84aad85518a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
last-modified: Wed, 08 Jul 2020 09:35:35 GMT
server: ddos-guard
etag: "3374-5a9ead4715f1c"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13172
expires: Sat, 26 Feb 2022 08:32:00 GMT

GET
H2 500 228816.jpg
45.147.197.153/books/228816/ 579 B
579 B 858ms
856ms Image
text/html 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/books/228816/228816.jpg
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 0fe50ec7d8c4a0423a924655a052545f189a0af2d5007fcfb4db918fe20d1865

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
server: ddos-guard
content-length: 579
content-type: text/html

GET
H2 200 961.jpg
45.147.197.153/books/961/ 12 KB
12 KB 999ms
997ms Image
image/jpeg 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/books/961/961.jpg
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 14551f3531734ac213ab93786390cd774636130ede5b8f12101e5d5760b88c77

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
last-modified: Wed, 08 Jul 2020 09:37:11 GMT
server: ddos-guard
etag: "2f0c-5a9eada3361ae"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12044
expires: Sat, 26 Feb 2022 08:32:00 GMT

GET
H2 200 127329.jpg
45.147.197.153/books/127329/ 13 KB
13 KB 1511ms
1509ms Image
image/jpeg 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/books/127329/127329.jpg
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 59725fe9e622907c1019a51cac69abb6b78d01236dbb55a12c7831ededd33c58

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
last-modified: Wed, 08 Jul 2020 09:35:20 GMT
server: ddos-guard
etag: "3402-5a9ead38a4126"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13314
expires: Sat, 26 Feb 2022 08:32:01 GMT

GET
H2 200 1141.jpg
45.147.197.153/books/1141/ 15 KB
16 KB 1274ms
1272ms Image
image/jpeg 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/books/1141/1141.jpg
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 502232c0221d75c8ecea88239eb55d1ced95f84661b9a7b9afb8dd22e1e259a4

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
last-modified: Wed, 08 Jul 2020 09:35:17 GMT
server: ddos-guard
etag: "3d46-5a9ead35cb94b"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15686
expires: Sat, 26 Feb 2022 08:32:01 GMT

GET
H2 200 1578.jpg
45.147.197.153/books/1578/ 18 KB
18 KB 2013ms
2011ms Image
image/jpeg 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/books/1578/1578.jpg
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: af8c1bac3d15781ca0fba0dc9b376a49e9d64ca8ebacf1681e7abb141d8440a9

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
last-modified: Wed, 08 Jul 2020 09:35:30 GMT
server: ddos-guard
etag: "4855-5a9ead42da3db"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18517
expires: Sat, 26 Feb 2022 08:32:01 GMT

GET
H2 200 jquery.js Show response
45.147.197.153/assets/aa7d3e19/ 274 KB
274 KB 484ms
483ms Script
application/javascript 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://45.147.197.153/assets/aa7d3e19/jquery.js
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:31:59 GMT
last-modified: Wed, 08 Jul 2020 08:51:38 GMT
server: ddos-guard
etag: "4472c-5a9ea37479e79"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 280364
expires: Sat, 26 Feb 2022 08:31:59 GMT

GET
H2 200 yii.js Show response
45.147.197.153/assets/2c1d63bd/ 20 KB
21 KB 726ms
726ms Script
application/javascript 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://45.147.197.153/assets/2c1d63bd/yii.js
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
last-modified: Wed, 08 Jul 2020 08:51:38 GMT
server: ddos-guard
etag: "51c6-5a9ea374792c1"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 20934
expires: Sat, 26 Feb 2022 08:32:00 GMT

GET
H2 200 libs.js Show response
45.147.197.153/js/ 54 KB
55 KB 272ms
269ms Script
application/javascript 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://45.147.197.153/js/libs.js
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 4fbd646370ff39ef500f14d86c6670cccbe16eb60874b840a187962aa34a9317

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
last-modified: Tue, 07 Jul 2020 20:11:01 GMT
server: ddos-guard
etag: "d9fc-5a9df97139f40"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 55804
expires: Sat, 26 Feb 2022 08:32:00 GMT

GET
H2 200 reset-settings.css
45.147.197.153/css/ 3 KB
3 KB 342ms
342ms Stylesheet
text/css 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://45.147.197.153/css/reset-settings.css
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/css/styles.css?v=0.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: a5de32ab9795b7235af3cd3566c49ad122862b6ba617f95373a2f195d2e008b1

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/css/styles.css?v=0.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:31:59 GMT
last-modified: Tue, 07 Jul 2020 20:39:47 GMT
server: ddos-guard
etag: "d2e-5a9dffdf44ac0"
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3374
expires: Sat, 26 Feb 2022 08:31:59 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 87 B
370 B 853ms
220ms XHR
application/json 2a02:6b8::16b
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

255f58e9e24585580ba98e3fee970f4444fb5f9e6dfa762586aa5c5a5a09ad8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://45.147.197.153
date: Thu, 27 Jan 2022 08:32:00 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 87
x-content-type-options: nosniff
content-type: application/json

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
919 B 240ms
77ms XHR
application/json 203.195.121.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://45.147.197.153/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://45.147.197.153
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2

200

sspmatch-js Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=6204940002
https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=6204940002&crf=1

882 B
980 B

77ms
77ms

Script
text/javascript

203.195.121.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=6204940002&crf=1
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Server: 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e1c057a64047a84ffcfa86f58911112067392eecb75dc292a7a5610c20b3e591

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 882
content-type: text/javascript

Redirect headers

location: /sspmatch-js?p=42565&randsalt=6204940002&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 404 bg2.png
45.147.197.153/images/ 16 KB
16 KB 1909ms
1909ms Image
text/html 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/images/bg2.png
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/css/styles.css?v=0.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard / PHP/7.1.33
Resource Hash: 60a2d65a343fbf9aeaba3ae26754316932abb2db07a60c2de319461f27306517

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/css/styles.css?v=0.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:01 GMT
cache-control: no-store, no-cache, must-revalidate
server: ddos-guard
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 500 logo-knigi-for-me.png
45.147.197.153/images/ 579 B
579 B 782ms
782ms Image
text/html 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/images/logo-knigi-for-me.png
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/css/styles.css?v=0.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 0fe50ec7d8c4a0423a924655a052545f189a0af2d5007fcfb4db918fe20d1865

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/css/styles.css?v=0.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
server: ddos-guard
content-length: 579
content-type: text/html

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 43ms
4ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://45.147.197.153
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 15:52:56 GMT
x-content-type-options: nosniff
age: 146344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 15:52:56 GMT

GET
H2 200 fontawesome-webfont.woff2
45.147.197.153/fonts/ 63 KB
63 KB 1913ms
1912ms Font
application/octet-stream 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://45.147.197.153/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/css/frameworks.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://45.147.197.153/css/frameworks.css
Origin: https://45.147.197.153
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
last-modified: Tue, 07 Jul 2020 20:49:34 GMT
server: ddos-guard
etag: "fbd0-5a9e020f13380"
cache-control: max-age=86400
accept-ranges: bytes
content-length: 64464
expires: Fri, 28 Jan 2022 08:32:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
9 KB 44ms
6ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://45.147.197.153
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 15:09:59 GMT
x-content-type-options: nosniff
age: 62521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 15:09:59 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2
fonts.gstatic.com/s/roboto/v29/ 10 KB
10 KB 45ms
7ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2a4d131bd14a3fa0e89f5dc3fb1c387b0b64e00d93d7709f20972f36dbb2c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://45.147.197.153
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 22:49:08 GMT
x-content-type-options: nosniff
age: 294172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10300
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 23 Jan 2023 22:49:08 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 44ms
6ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://45.147.197.153
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 18:05:40 GMT
x-content-type-options: nosniff
age: 570380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 20 Jan 2023 18:05:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
10 KB 39ms
5ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://45.147.197.153
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 15:10:37 GMT
x-content-type-options: nosniff
age: 62483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 15:10:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 30ms
3ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://45.147.197.153
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 15:43:50 GMT
x-content-type-options: nosniff
age: 146890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 15:43:50 GMT

GET
H2 404 book.png
45.147.197.153/templates/mg-v2-select-utf8-111/images/ 32 KB
32 KB 2218ms
2217ms Image
text/html 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/templates/mg-v2-select-utf8-111/images/book.png
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/css/frameworks.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard / PHP/7.1.33
Resource Hash: 4192fdd899dbc661d87b1b77733ac45a66db55c21ca43303a94adb2dd9e9c8f9

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/css/frameworks.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:02 GMT
cache-control: no-store, no-cache, must-revalidate
server: ddos-guard
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 relap.js Show response
relap.io/v7/ Frame E542 15 KB
5 KB 810ms
202ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/relap.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

ba59cb388eaa9ca1182aac64201064469ebed36e2087144d272da9233130b15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 07:35:26 GMT
server: nginx
etag: "61f0f9be-1350"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 4944
expires: Thu, 27 Jan 2022 08:33:00 GMT

GET
H2 404 decor.png
45.147.197.153/images/ 32 KB
32 KB 2128ms
2128ms Image
text/html 45.147.197.153
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://45.147.197.153/images/decor.png
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/css/styles.css?v=0.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.147.197.153 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm1670795.nvme.had.yt
Software: ddos-guard / PHP/7.1.33
Resource Hash: 3dae7f452f59e4d2307f11d2921534d0d46dfc05ca416c0990c225179c51f66e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/css/styles.css?v=0.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:01 GMT
cache-control: no-store, no-cache, must-revalidate
server: ddos-guard
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 pubads_impl_2022012503.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
118 KB 38ms
2ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012503.js?31064555

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

0df32c790bf3e270685bc509c332943cd48fb6fb60cb8bce8d2ce0c33782fa91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 23:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120954
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 18:45:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 23:14:22 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 33 B
72 B 72ms
37ms XHR
application/json 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=45.147.197.153

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

cbb9c57f655f50152014f9a6dbf02d795d03ccd1a85fc9b5e02e25af2bfe7fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48
x-xss-protection: 0
expires: Thu, 27 Jan 2022 08:32:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 76ms
2ms Script
text/javascript 2404:6800:4004:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-61640477-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2274
date: Thu, 27 Jan 2022 07:54:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 27 Jan 2022 09:54:06 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
416 B 72ms
36ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=45.147.197.153&callback=_gfp_s_&client=ca-pub-1618592205083780

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_fy2019.js?bust=31064215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

f7db1936bab93485145d5f3d1a84045bf1494c1da75bbd87c83765d61f86de8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 77ms
38ms Script
application/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=45.147.197.153

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_fy2019.js?bust=31064215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 76ms
37ms Script
application/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=45.147.197.153

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_fy2019.js?bust=31064215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC34 603 B
67 B 86ms
51ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&adk=1812271804&adf=3025194257&lmt=1643272320&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F45.147.197.153%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643272317983&bpp=2051&bdt=211&idt=2241&shv=r20220125&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8308117961566&frm=20&pv=2&ga_vid=1649886428.1643272320&ga_sid=1643272320&ga_hid=1905789894&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064215&oid=2&pvsid=2142504922673794&pem=90&tmod=691849559&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2254

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_fy2019.js?bust=31064215

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 Jan 2022 08:32:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 73ms
37ms XHR
text/plain 2404:6800:4004:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1905789894&t=pageview&_s=1&dl=https%3A%2F%2F45.147.197.153%2F&ul=en-us&de=UTF-8&dt=Knigi-For.me%3A%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B8%D0%B1%D0%BB%D0%B8%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D0%B4%D0%B5%D0%BB%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B8%20%D1%83%D1%87%D0%B5%D0%B1%D0%BD%D0%BE%D0%B9%20%D0%BB%D0%B8%D1%82%D0%B5%D1%80%D0%B0%D1%82%D1%83%D1%80%D1%8B.%20%D0%A7%D0%B8%D1%82%D0%B0%D0%B5%D0%BC%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1521669616&gjid=1970966316&cid=1649886428.1643272320&tid=UA-61640477-6&_gid=862208060.1643272320&_r=1&gtm=2ou1o0&z=19331090

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://45.147.197.153/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://45.147.197.153
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame B5B3 4 KB
1 KB 1207ms
108ms Document
text/html 151.236.92.146
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e7e2db56-bebc-541b-9848-f310f9baab90&CACHEBUSTER=276414
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=6204940002
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.92.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/

Response headers

server: nginx
date: Thu, 27 Jan 2022 08:32:01 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=c8680cc8-3200-412e-ba6a-87a80ac1af83
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=c8680cc8-3200-412e-ba6a-87a80ac1af83
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f0b6c5c7-d31b-4157-a40e-3a4d6c914648&user_group=1&ssp=between&bsw_param=c8680cc8-3200-412e-ba6a-87a80ac1af83
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=c8680cc8-3200-412e-ba6a-87a80ac1af83

68 B
607 B

77ms
77ms

Image
image/png

203.195.121.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=c8680cc8-3200-412e-ba6a-87a80ac1af83
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Server: 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=c8680cc8-3200-412e-ba6a-87a80ac1af83
Date: Thu, 27 Jan 2022 08:32:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=gPiJN9tqAt8.AikABlF-mqm3Rw

68 B
607 B

77ms
77ms

Image
image/png

203.195.121.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=gPiJN9tqAt8.AikABlF-mqm3Rw
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Server: 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:00 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=gPiJN9tqAt8.AikABlF-mqm3Rw
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

/
sync.bumlam.com/
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=e7e2db56-bebc-541b-9848-f310f9baab90
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiBscmPBlIFvp7KygpiJGU3ZTJkYjU2LWJlYmMtNTQxYi05ODQ4LWYzMTBmOWJhYWI5MA**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiBscmPBlIFvp7KygpiJGU3ZTJkYjU2LWJlYmMtNTQxYi05ODQ4LWYzMTBmOWJhYWI5MKIBEJnKrIZ_SxHspukAJZDIJDc*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiBscmPBmIkZTdlMmRiNTYtYmViYy01NDFiLTk4NDgtZjMxMGY5YmFhYjkwogEQmcqshn9LEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiBscmPBmIkZTdlMmRiNTYtYmViYy01NDFiLTk4NDgtZjMxMGY5YmFhYjkwogEQmcqshn9LEeym6QAlkMgkNw**

0
103 B

1619ms
1235ms

Image
text/plain

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=bw1&s_data=CAIQARiBscmPBmIkZTdlMmRiNTYtYmViYy01NDFiLTk4NDgtZjMxMGY5YmFhYjkwogEQmcqshn9LEeym6QAlkMgkNw**
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: HTTP/1.1
Server: 31.172.81.159 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 27 Jan 2022 08:32:04 GMT
Server: nginx

Redirect headers

Date: Thu, 27 Jan 2022 08:32:02 GMT
Server: nginx
ETag: 99caac86-7f4b-11ec-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=bw1&s_data=CAIQARiBscmPBmIkZTdlMmRiNTYtYmViYy01NDFiLTk4NDgtZjMxMGY5YmFhYjkwogEQmcqshn9LEeym6QAlkMgkNw**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=d64370dfc6fe7839ed35e0d1

68 B
607 B

77ms
77ms

Image
image/png

203.195.121.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=d64370dfc6fe7839ed35e0d1
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Server: 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Thu, 27 Jan 2022 08:32:00 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=d64370dfc6fe7839ed35e0d1
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap4sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 a2afe70273a8dbcb9f25.js Show response
yastatic.net/partner-code-bundles/53193/ 13 KB
5 KB 641ms
213ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53193/a2afe70273a8dbcb9f25.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1006cd4ad1bf8d42c932551ed187ef709087d51d87bcac6cf76ed5699d0a3b7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://45.147.197.153/
Origin: https://45.147.197.153
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4460
last-modified: Wed, 26 Jan 2022 20:52:08 GMT
server: nginx/1.17.9
etag: "debfa2a6690900ecdcadec53627b36b9"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2052 15:07:31 GMT

GET
H2 200 7f9289f2d1d0be471e13.js Show response
yastatic.net/partner-code-bundles/53193/ 80 KB
17 KB 875ms
450ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53193/7f9289f2d1d0be471e13.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

eb1844fcc4bf1d62b69602a2b0b49b3b1e4628aaeecb4b571dce11ed044f922c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://45.147.197.153/
Origin: https://45.147.197.153
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17022
last-modified: Wed, 26 Jan 2022 20:52:08 GMT
server: nginx/1.17.9
etag: "4dbefc342177d8194c5581ef6c33d940"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2052 15:07:32 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 1213ms
789ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://45.147.197.153/
Origin: https://45.147.197.153
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2052 15:06:17 GMT

GET
H2 200 7f018a2f010d0d47a0e0.js Show response
yastatic.net/partner-code-bundles/53193/ 588 KB
121 KB 973ms
556ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53193/7f018a2f010d0d47a0e0.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e0c7f5b629e296373b39fb59394961426f3d4f1cdfc967d2254ba342d507eb97

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://45.147.197.153/
Origin: https://45.147.197.153
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 123009
last-modified: Wed, 26 Jan 2022 20:52:08 GMT
server: nginx/1.17.9
etag: "1f07e836bec7ce5aceb3ca3b060242d8"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2052 15:07:32 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 198 KB
68 KB 874ms
433ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 45.147.197.153
URL: https://45.147.197.153/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

07073217c92a44135bac05794afd5ed9ecf8703690dbe941e00c3cfb669da2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-10e32"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69170
expires: Thu, 27 Jan 2022 09:32:01 GMT

GET
H2 200 hit
c.hit.ua/ 43 B
311 B 941ms
211ms Image
image/gif 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.hit.ua/hit?i=41058&g=0&x=2&s=1&c=1&t=0&w=1600&h=1200&d=24&0.3259657630022461&r=&u=https%3A//45.147.197.153/
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
server: nginx/1.17.9
p3p: policyref="/w3c/p3p.xml", CP="UNI"
expires: 0

OPTIONS
H2 200 init
relap.io/api/v7/ Frame 0
0 800ms
200ms Preflight
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/init?token=uIrzIBaSLNEsTktO&url=https%3A%2F%2F45.147.197.153%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://45.147.197.153
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
content-type: text/html;charset=UTF-8
content-length: 0
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
date: Thu, 27 Jan 2022 08:32:01 GMT
vary: Origin
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-credentials: true
x-server: back12
x-content-type-options: nosniff
access-control-allow-origin: https://45.147.197.153
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
strict-transport-security: max-age=5184000; includeSubdomains;

GET
H2 200 app_index.6a34a520bdb8c81c967b.js Show response
relap.io/v7/ Frame E542 14 KB
7 KB 219ms
219ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/app_index.6a34a520bdb8c81c967b.js

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

67daf2a227e705ee770414f77f0266dfd96bab6f8051cf96d62fad683fea7910

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 07:35:26 GMT
server: nginx
etag: "61f0f9be-19c7"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
content-length: 6599
expires: Sat, 26 Feb 2022 08:32:01 GMT

GET
H2 200 init Show response
relap.io/api/v7/ Frame E542 3 KB
2 KB 249ms
246ms Fetch
application/json 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/init?token=uIrzIBaSLNEsTktO&url=https%3A%2F%2F45.147.197.153%2F

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

e3321179e5435b0f307fef248c97b6b71af32a6bfd2809c3075de1048ffe50f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer: https://45.147.197.153/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://45.147.197.153
x-relap-cookie: rlprp=IgIYTg:2tl0Uw
x-server: back08
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers: X-Relap-Cookie

OPTIONS
H2 200 ext_cfgs
relap.io/api/v7/ Frame 0
0 798ms
199ms Preflight
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/ext_cfgs?token=uIrzIBaSLNEsTktO&url=https%3A%2F%2F45.147.197.153%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://45.147.197.153
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
content-type: text/html;charset=UTF-8
content-length: 0
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
date: Thu, 27 Jan 2022 08:32:01 GMT
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
x-content-type-options: nosniff
access-control-allow-origin: https://45.147.197.153
vary: Origin
x-server: back14
access-control-allow-credentials: true
strict-transport-security: max-age=5184000; includeSubdomains;

GET
H2 200 ext_cfgs Show response
relap.io/api/v7/ Frame E542 599 B
2 KB 334ms
330ms Fetch
application/json 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/ext_cfgs?token=uIrzIBaSLNEsTktO&url=https%3A%2F%2F45.147.197.153%2F

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

ad1739793d6985930fe09000a5aab5dddf88b7415fd69d4ea6815c3e26d6335a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer: https://45.147.197.153/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Jan 2022 08:32:02 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://45.147.197.153
access-control-max-age: 1728000
x-server: back03
strict-transport-security: max-age=5184000; includeSubdomains;
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
content-length: 599
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
262 B 660ms
213ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer?headerBidding=53193&event=called

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://45.147.197.153/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
31 B 680ms
234ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer?headerBidding=53193&event=sent&bidder=betweendigital

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://45.147.197.153/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
313 B 81ms
80ms XHR
application/json 203.195.121.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://45.147.197.153/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://45.147.197.153
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 vendor.2a54eb1b2e620c066a23.js Show response
relap.io/v7/ Frame E542 362 KB
94 KB 235ms
234ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/vendor.2a54eb1b2e620c066a23.js

Requested by

Host: relap.io
URL: https://relap.io/v7/app_index.6a34a520bdb8c81c967b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

6016bddc230562095fdd60a2ec74f7d2a05dcb2173a46e68b931b9e1706c976e

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 07:35:26 GMT
server: nginx
etag: "61f0f9be-17530"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
content-length: 95536
expires: Sat, 26 Feb 2022 08:32:01 GMT

GET
H2 200 common_core.e8e5c4cc2b6f72a16f58.js Show response
relap.io/v7/ Frame E542 260 KB
56 KB 663ms
663ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/common_core.e8e5c4cc2b6f72a16f58.js

Requested by

Host: relap.io
URL: https://relap.io/v7/app_index.6a34a520bdb8c81c967b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

0c2092a068f894d7291557af058e78c6fb137d2eaccc29a74ded683b6d66164e

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 07:35:26 GMT
server: nginx
etag: "61f0f9be-e085"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
content-length: 57477
expires: Sat, 26 Feb 2022 08:32:01 GMT

GET
H2 200 app.4713296cb2b5d54c0d81.js Show response
relap.io/v7/ Frame E542 52 KB
6 KB 664ms
663ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/app.4713296cb2b5d54c0d81.js

Requested by

Host: relap.io
URL: https://relap.io/v7/app_index.6a34a520bdb8c81c967b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

c185adf20370897c5c477e9a8e00c2824212f486e8b0986dcdc19cdcd5f95eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:01 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 07:35:26 GMT
server: nginx
etag: "61f0f9be-1854"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
content-length: 6228
expires: Sat, 26 Feb 2022 08:32:01 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ Frame B5B3
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c8680cc8-3200-412e-ba6a-87a80ac1af83&ssp=between&gdpr=&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10527304867929609306&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10527304867929609306&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=743e3544-8c38-444c-b038-ebbd9750e71d&ssp=between&gdpr_consent=&gdpr=
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=164561104044001165854&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=419&user_id=10527304867929609306&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=

43 B
235 B

8ms
5ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=419&user_id=10527304867929609306&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 08:32:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:01 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://x.bidswitch.net/sync?dsp_id=419&user_id=10527304867929609306&ssp=<SSP_VALUE>&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

/
sync.bumlam.com/ Frame B5B3
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiCscmPBlIFl4XSlAY*
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiCscmPBlIFl4XSlAaiARCZ7TC8f0sR7KbpACWQyCQ3
https://sync.bumlam.com/?src=aid0&s_data=CAIQABiCscmPBqIBEJntMLx_SxHspukAJZDIJDc*
https://sync.bumlam.com/?src=aid0&s_data=CAIQARiCscmPBqIBEJntMLx_SxHspukAJZDIJDc*

0
103 B

1327ms
1237ms

Image
text/plain

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=aid0&s_data=CAIQARiCscmPBqIBEJntMLx_SxHspukAJZDIJDc*
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: HTTP/1.1
Server: 31.172.81.159 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 27 Jan 2022 08:32:04 GMT
Server: nginx

Redirect headers

Date: Thu, 27 Jan 2022 08:32:03 GMT
Server: nginx
ETag: 99ed30bc-7f4b-11ec-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=aid0&s_data=CAIQARiCscmPBqIBEJntMLx_SxHspukAJZDIJDc*
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

OPTIONS
H2 200 metrics
relap.io/api/v7/ Frame 0
0 201ms
201ms Preflight
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/metrics

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://45.147.197.153
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
content-type: text/html;charset=UTF-8
content-length: 0
x-server: back04
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
vary: Origin
date: Thu, 27 Jan 2022 08:32:02 GMT
access-control-allow-origin: https://45.147.197.153
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubdomains;

POST
H2 200 / Show response
s.relap.io/api/8/envelope/ Frame E542 2 B
176 B 201ms
199ms Fetch
application/json 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://s.relap.io/api/8/envelope/?sentry_key=de87b3f4168749e8889e7f7049c29c5d&sentry_version=7
Requested by: Host: relap.io
URL: https://relap.io/v7/vendor.2a54eb1b2e620c066a23.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://45.147.197.153/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://45.147.197.153
date: Thu, 27 Jan 2022 08:32:02 GMT
server: nginx
content-type: application/json
content-length: 2
vary: Origin
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error

POST
H2 200 metrics Show response
relap.io/api/v7/ Frame E542 2 B
1 KB 209ms
209ms Fetch
application/json 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/metrics

Requested by

Host: relap.io
URL: https://relap.io/v7/vendor.2a54eb1b2e620c066a23.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer: https://45.147.197.153/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Jan 2022 08:32:02 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
content-length: 2
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma: no-cache
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://45.147.197.153
cache-control: max-age=1, no-cache
x-server: back23
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie

GET
H2 200 abp.gif
relap.io/ Frame E542 43 B
208 B 198ms
197ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/abp.gif?ch=1&rn=4.691757885049107

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:02 GMT
last-modified: Wed, 21 Apr 2021 14:05:03 GMT
server: nginx
etag: "6080310f-2b"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2 200 abp.gif
relap.io/ Frame E542 43 B
208 B 199ms
199ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/abp.gif?ch=2&rn=4.691757885049107

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:02 GMT
last-modified: Wed, 21 Apr 2021 14:05:03 GMT
server: nginx
etag: "6080310f-2b"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2

204

supersync
sync.1dmp.io/ Frame 475A
Redirect Chain

https://sync.1dmp.io/supersync?pid=w&o=ns&cid=d532925e-370a-4913-9238-e8b91206247f&brid=3fdc8267-2323-4ff5-80fe-dc2813a9742e&uid=5f6SafHr
https://sync.1dmp.io/supersync?t=9a2ba8b1-7f4b-11ec-a15e-901b0e8d6a9d

0
0

255ms
255ms

Document
text/plain

88.99.149.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.1dmp.io/supersync?t=9a2ba8b1-7f4b-11ec-a15e-901b0e8d6a9d
Requested by: Host: relap.io
URL: https://relap.io/v7/common_core.e8e5c4cc2b6f72a16f58.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dmc-test-dn3
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/

Response headers

server: nginx
date: Thu, 27 Jan 2022 08:32:03 GMT

Redirect headers

server: nginx
date: Thu, 27 Jan 2022 08:32:02 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
location: /supersync?t=9a2ba8b1-7f4b-11ec-a15e-901b0e8d6a9d

GET
H2

200

altergeocs
relap.io/partners/ Frame E542
Redirect Chain

https://cm.p.altergeo.ru/relap?aid=5f6SafHr&nc=jIaRmXUv&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D
https://relap.io/partners/altergeocs?uid=CMLktcFWS5SKupflIxX2eSug==

43 B
690 B

223ms
222ms

Image
image/gif

95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/altergeocs?uid=CMLktcFWS5SKupflIxX2eSug==

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:02 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: back19
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 08:32:02 GMT
Server: nginx/1.16.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://relap.io/partners/altergeocs?uid=CMLktcFWS5SKupflIxX2eSug==
Cache-Control: max-age=0, no-cache, no-store
Connection: close
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

counter2
top-fwz1.mail.ru/ Frame E542
Redirect Chain

https://top-fwz1.mail.ru/counter?id=3136989;js=na
https://top-fwz1.mail.ru/counter2?id=3136989;js=na

43 B
957 B

193ms
192ms

Image
image/gif

217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=3136989;js=na

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:03 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Thu, 27 Jan 2022 08:32:02 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
location: https://top-fwz1.mail.ru/counter2?id=3136989;js=na
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

204

0.gif
x01.aidata.io/ Frame E542
Redirect Chain

https://x01.aidata.io/0.gif?pid=RELAP&id=5f6SafHr
https://x01.aidata.io/0.gif?pid=RELAP&id=5f6SafHr&bounce=1
https://sm.rtb.mts.ru/p?ssp=aidata&id=9b%2F1jjVEM8XlBdesVw0afA
https://sm.rtb.mts.ru/match/second?ssp=51&exu=9b%2F1jjVEM8XlBdesVw0afA
https://tech.rtb.mts.ru/?dsp_uid=5a9f5a50-a512-47d9-a164-de31cf05aa34&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3D9b%252F1jjVEM8XlBdesVw0afA%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=9b%2F1jjVEM8XlBdesVw0afA&id=
https://x01.aidata.io/0.gif?pid=9503528&uid=5a9f5a50-a512-47d9-a164-de31cf05aa34&exu=9b%!F(string=%20%20)1jjVEM8XlBdesVw0afA

0
432 B

186ms
186ms

Image
text/plain

89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9503528&uid=5a9f5a50-a512-47d9-a164-de31cf05aa34&exu=9b%!F(string=%20%20)1jjVEM8XlBdesVw0afA
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:05 GMT
last-modified: Thu, 27 Jan 2022 08:32:04 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Thu, 27 Jan 2022 08:32:04 GMT

Redirect headers

Date: Thu, 27 Jan 2022 08:32:05 GMT
Server: nginx
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Location: https://x01.aidata.io/0.gif?pid=9503528&uid=5a9f5a50-a512-47d9-a164-de31cf05aa34&exu=9b%!F(string= )1jjVEM8XlBdesVw0afA
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/65503507/
Redirect Chain

https://mc.yandex.ru/watch/65503507?wmode=7&page-url=https%3A%2F%2F45.147.197.153%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqe375y9e67%3Afp%3A4021%3Afu%3A0%3Aen%3Autf-8%3Ala%...
https://mc.yandex.ru/watch/65503507/1?wmode=7&page-url=https%3A%2F%2F45.147.197.153%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqe375y9e67%3Afp%3A4021%3Afu%3A0%3Aen%3Autf-8%3Al...

350 B
723 B

218ms
217ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/65503507/1?wmode=7&page-url=https%3A%2F%2F45.147.197.153%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqe375y9e67%3Afp%3A4021%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1586014706684%3Ahid%3A282899591%3Az%3A0%3Ai%3A20220127083202%3Aet%3A1643272322%3Ac%3A1%3Arn%3A560173721%3Arqn%3A1%3Au%3A1643272322373704400%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643272316047%3Ads%3A0%2C93%2C1627%2C387%2C0%2C0%2C%2C2801%2C0%2C%2C%2C%2C4909%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643272322%3At%3AKnigi-For.me%3A%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B8%D0%B1%D0%BB%D0%B8%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D0%B4%D0%B5%D0%BB%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B8%20%D1%83%D1%87%D0%B5%D0%B1%D0%BD%D0%BE%D0%B9%20%D0%BB%D0%B8%D1%82%D0%B5%D1%80%D0%B0%D1%82%D1%83%D1%80%D1%8B.%20%D0%A7%D0%B8%D1%82%D0%B0%D0%B5%D0%BC%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD.&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: 45.147.197.153
URL: https://45.147.197.153/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

9aad9b0a2ab753474e4128814f19a34cbb16e0aff1ceb750309c4b72b41ad47c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 27-Jan-2022 08:32:02 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://45.147.197.153
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 08:32:02 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:02 GMT
last-modified: Thu, 27-Jan-2022 08:32:02 GMT
location: /watch/65503507/1?wmode=7&page-url=https%3A%2F%2F45.147.197.153%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqe375y9e67%3Afp%3A4021%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1586014706684%3Ahid%3A282899591%3Az%3A0%3Ai%3A20220127083202%3Aet%3A1643272322%3Ac%3A1%3Arn%3A560173721%3Arqn%3A1%3Au%3A1643272322373704400%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643272316047%3Ads%3A0%2C93%2C1627%2C387%2C0%2C0%2C%2C2801%2C0%2C%2C%2C%2C4909%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643272322%3At%3AKnigi-For.me%3A%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B8%D0%B1%D0%BB%D0%B8%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D0%B4%D0%B5%D0%BB%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B8%20%D1%83%D1%87%D0%B5%D0%B1%D0%BD%D0%BE%D0%B9%20%D0%BB%D0%B8%D1%82%D0%B5%D1%80%D0%B0%D1%82%D1%83%D1%80%D1%8B.%20%D0%A7%D0%B8%D1%82%D0%B0%D0%B5%D0%BC%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD.&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://45.147.197.153
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 08:32:02 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 216ms
216ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: 45.147.197.153
URL: https://45.147.197.153/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://45.147.197.153/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:02 GMT
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 09:32:02 GMT

OPTIONS
H2 200 stat
relap.io/api/v7/ Frame 0
0 201ms
201ms Preflight
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/stat

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-relap-cookie,x-relap-unique
Origin: https://45.147.197.153
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
content-type: text/html;charset=UTF-8
content-length: 0
vary: Origin
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
x-content-type-options: nosniff
access-control-max-age: 1728000
access-control-allow-credentials: true
x-server: web09
date: Thu, 27 Jan 2022 08:32:02 GMT
access-control-allow-origin: https://45.147.197.153
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
strict-transport-security: max-age=5184000; includeSubdomains;

POST
H2 200 stat Show response
relap.io/api/v7/ Frame E542 2 B
824 B 247ms
246ms Fetch
application/json 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/stat

Requested by

Host: relap.io
URL: https://relap.io/v7/vendor.2a54eb1b2e620c066a23.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie: rlprp=IgIYTg:2tl0Uw
Referer: https://45.147.197.153/
Accept-Language: jp-JP,jp;q=0.9
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-Relap-Unique: MTBiY2Zj

Response headers

date: Thu, 27 Jan 2022 08:32:02 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
content-length: 2
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma: no-cache
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://45.147.197.153
x-relap-cookie: rlprp=IgIYTg:2tl0Uw
cache-control: max-age=1, no-cache
x-server: back10
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers: X-Relap-Cookie

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame B294
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

11ms
2ms

Document
text/html

23.10.15.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e7e2db56-bebc-541b-9848-f310f9baab90&CACHEBUSTER=276414
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-15-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Jan 2022 08:32:04 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
date: Thu, 27 Jan 2022 08:32:04 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B294 32 KB
10 KB 7ms
7ms Script
text/html 23.10.15.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-15-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c36edebe686c829c7093c37f6089e524c0a9f26a1fa2a993adad7f4a66199a35

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 08:32:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=32261
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9704
Expires: Thu, 27 Jan 2022 17:29:45 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame B294 284 B
921 B 701ms
176ms Image
image/jpg 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 0963d041a95f271fbba7f411adc03573
Content-Type: image/jpg

GET
H2

200

match
ads.betweendigital.com/ Frame B294
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=KYWPWX5C-6-5C3M
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=KYWPWX5C-6-5C3M

68 B
607 B

79ms
79ms

Image
image/png

203.195.121.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=101&external_user_id=KYWPWX5C-6-5C3M
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: H2
Server: 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://ads.betweendigital.com/match?bidder_id=101&external_user_id=KYWPWX5C-6-5C3M
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: deb9f124eecce7a554c70ca983265c95
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B294
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE0NzEwMmJmZTVlNzdjNmU0YjcyMzgwNmYwYTIyY2UyNDQzNzI4Yw

170 B
188 B

76ms
38ms

Image
image/png

142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE0NzEwMmJmZTVlNzdjNmU0YjcyMzgwNmYwYTIyY2UyNDQzNzI4Yw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Protocol

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE0NzEwMmJmZTVlNzdjNmU0YjcyMzgwNmYwYTIyY2UyNDQzNzI4Yw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0963d041a95f271fbba7f411adc03573
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B294
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b62961f2-5885-4100-9426-24899c97d7ec

42 B
678 B

685ms
171ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b62961f2-5885-4100-9426-24899c97d7ec
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

Date: Thu, 27 Jan 2022 08:32:05 GMT
Server: MT3 4133 baa842e master hkg-pixel-x20 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b62961f2-5885-4100-9426-24899c97d7ec
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 27 Jan 2022 08:32:04 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B294
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/ymZ6FSf74wgQk1scK_tc0w?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1467206556342711728

42 B
678 B

413ms
173ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1467206556342711728
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

date: Thu, 27 Jan 2022 08:32:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1467206556342711728
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 200 709414.gif
id.rlcdn.com/ Frame B294 42 B
448 B 143ms
131ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 08:32:05 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

204

v1
ads.yahoo.com/cms/ Frame B294
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYWPWX5C-6-5C3M&sigv=1&esig=2~0e799e6a353c32f37855f86b29a57f7b21f8e877

0
194 B

9ms
1ms

Image
text/plain

2406:2000:a4:9fe::1
YAHOO-SG internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYWPWX5C-6-5C3M&sigv=1&esig=2~0e799e6a353c32f37855f86b29a57f7b21f8e877

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Protocol

Server

2406:2000:a4:9fe::1 Tokyo, Japan, ASN10230 (YAHOO-SG internet content provider, SG),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:06 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYWPWX5C-6-5C3M&sigv=1&esig=2~0e799e6a353c32f37855f86b29a57f7b21f8e877
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0963d041a95f271fbba7f411adc03573
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B294
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXUFdYNUMtNi01QzNN

170 B
188 B

38ms
38ms

Image
image/png

142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXUFdYNUMtNi01QzNN

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Protocol

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXUFdYNUMtNi01QzNN
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0963d041a95f271fbba7f411adc03573
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B294
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECca9yy_f_Rx9HD5DxmLKIo&google_cver=1

42 B
678 B

706ms
176ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECca9yy_f_Rx9HD5DxmLKIo&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 0963d041a95f271fbba7f411adc03573
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECca9yy_f_Rx9HD5DxmLKIo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B294
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfJYhQABqOjwYQBH
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfJYhQABqOjwYQBH&_test=YfJYhQABqOjwYQBH

42 B
678 B

697ms
175ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfJYhQABqOjwYQBH&_test=YfJYhQABqOjwYQBH
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:05 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1643272326.688675,VS0,VE0
x-served-by: cache-nrt18341-NRT
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfJYhQABqOjwYQBH&_test=YfJYhQABqOjwYQBH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

276414
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame B5B3
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/276414
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/276414

43 B
297 B

161ms
161ms

Image
image/gif

2001:6d0:4001::226

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/276414
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Server: 2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software: ms-counter-3.2.15/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:07 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.15/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 08:32:07 GMT
server: ms-counter-3.2.15/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/276414
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

204

1
sync-eu.connectad.io/pixel/ Frame B5B3
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=e7e2db56-bebc-541b-9848-f310f9baab90&expires=60
https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=c8680cc8-3200-412e-ba6a-87a80ac1af83

0
266 B

97ms
84ms

Image
text/plain

2606:4700:10::6816:37ce

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=c8680cc8-3200-412e-ba6a-87a80ac1af83
Requested by: Host: 45.147.197.153
URL: https://45.147.197.153/
Protocol: H2
Server: 2606:4700:10::6816:37ce -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:32:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-ray: 6d40a0eddf9d8a4e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Location: //sync-eu.connectad.io/pixel/1?dataid=data3&uuid=c8680cc8-3200-412e-ba6a-87a80ac1af83
Date: Thu, 27 Jan 2022 08:32:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame EC1F 2 KB
823 B 398ms
236ms Document
text/html 51.79.234.100

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e7e2db56-bebc-541b-9848-f310f9baab90&CACHEBUSTER=276414

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.100 -, , ASN (),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET

e7e2db56-bebc-541b-9848-f310f9baab90
an.yandex.ru/mapuid/betweendigitalis/ Frame B5B3
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fe7e2db56-bebc-541b-9848-f310f9baab90
https://an.yandex.ru/mapuid/betweendigitalis/e7e2db56-bebc-541b-9848-f310f9baab90

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: an.yandex.ru
URL: https://an.yandex.ru/mapuid/betweendigitalis/e7e2db56-bebc-541b-9848-f310f9baab90

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
45.147.197.153/	1969-12-31 23:59:59	Name: advanced-frontend Value: 7e014686dbf93d0b668d7689a73544d7
45.147.197.153/	1969-12-31 23:59:59	Name: _csrf-frontend Value: f6a36ea8bf782267d3d3b1f83cb703b3b0e4c20918c512c5a6358f8bb474ddeea%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22zU460EfJ-2smGDqRTt3JqTmQ7-btTz6-%22%3B%7D
45.147.197.153/	1970-01-20 17:59:04	Name: _ga Value: GA1.1.1649886428.1643272320
45.147.197.153/	1970-01-20 00:29:18	Name: _gid Value: GA1.1.862208060.1643272320
45.147.197.153/	1970-01-20 00:27:52	Name: _gat_gtag_UA_61640477_6 Value: 1
.betweendigital.com/	1970-01-20 09:13:28	Name: dc Value: sin1
.betweendigital.com/	1970-01-20 09:13:28	Name: ss Value: 1
.betweendigital.com/	1970-01-20 09:13:28	Name: tuuid Value: 4d2183f8-1597-541b-8cf5-01f6ed075976
.betweendigital.com/	1970-01-20 09:13:28	Name: unm Value: 1
.lijit.com/	1970-01-20 09:13:28	Name: ljt_reader Value: d64370dfc6fe7839ed35e0d1
.bidswitch.net/	1970-01-20 09:13:28	Name: tuuid Value: c8680cc8-3200-412e-ba6a-87a80ac1af83
.bidswitch.net/	1970-01-20 09:13:28	Name: c Value: 1643272320
.bidswitch.net/	1970-01-20 09:13:28	Name: tuuid_lu Value: 1643272320
pool.admedo.com/	1970-01-20 09:13:28	Name: tuuid Value: f0b6c5c7-d31b-4157-a40e-3a4d6c914648
pool.admedo.com/	1970-01-20 09:13:28	Name: c Value: 1643272320
pool.admedo.com/	1970-01-20 09:13:28	Name: tuuid_lu Value: 1643272320
.yandex.ru/	1970-01-23 16:03:52	Name: yandexuid Value: 8187083541643272320
.adhigh.net/	1970-01-20 09:13:28	Name: gi_u Value: gPiJN9tqAt8.AikABlF-mqm3Rw
45.147.197.153/	1969-12-31 23:59:59	Name: b Value: b
.adhigh.net/	1970-01-20 09:13:28	Name: btw_sync Value: j8B
.betweendigital.com/	1970-01-20 09:13:28	Name: ut Value: YfJYgQAB9-jlZ4AteRmP1TQGb1xeLEf-vP7vww==
.mookie1.com/	1970-01-20 09:56:40	Name: id Value: 10527304867929609306
.mookie1.com/	1970-01-20 09:56:40	Name: mdata Value: 1\|10527304867929609306\|1643272321631
.mookie1.com/	1970-01-20 09:56:40	Name: ov Value: c18a6da3b565f86ab007bcc69a59bb4b
.tapad.com/	1970-01-20 01:54:16	Name: TapAd_TS Value: 1643272321675
.tapad.com/	1970-01-20 01:54:16	Name: TapAd_DID Value: 743e3544-8c38-444c-b038-ebbd9750e71d
.tapad.com/	1970-01-20 01:54:16	Name: TapAd_3WAY_SYNCS Value:
.mookie1.com/	1970-01-20 00:42:16	Name: syncdata_TAP Value: 1
.agkn.com/	1970-01-20 09:13:28	Name: ab Value: 0001%3AIKqcHYyzmYAPVSUAjppAejT6s7IQv%2FIc
.mookie1.com/	1970-01-20 00:42:16	Name: syncdata_NEU Value: 1
.hit.ua/	1970-01-21 02:44:40	Name: uid Value: 2666821477.1643272321.4207876424
.relap.io/	1970-01-23 16:03:52	Name: fsts Value: 1643272321
.relap.io/	1970-01-20 00:48:01	Name: rlprp Value: IgIYTg--420bb9459c87fa01cf5e56a103b6cf0d093ab0c36b29cb81046f8032ea74896f
.relap.io/	1969-12-31 23:59:59	Name: 3rdpce Value: 1
.relap.io/	1970-01-23 16:03:52	Name: unique Value: 5f6SafHr
.relap.io/	1969-12-31 23:59:59	Name: suid Value: 70d8eb2f48c3be8d3e75ca25bb221c8f2b5c32b9--a47c5dd30c713b597a5c3c8610aecee2c311e3fe522d51df90b790dae70563e0
.adsniper.ru/	1970-01-27 07:39:52	Name: uuid3 Value: IiQ5OWVkMzBiYy03ZjRiLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1205272051643272322
.yandex.ru/	1970-01-23 16:03:52	Name: i Value: z03QpsTO8XsqCIHXPe1DmvXvD4h9bwSYgqkGy5mH54Dq6XGkbZZVuZxrhh7Selc53IdwOvioYwwFVqsQsYtRS9sc7V8=
.aidata.io/	1970-01-20 17:59:04	Name: __upin Value: 9b/1jjVEM8XlBdesVw0afA
.aidata.io/	1970-01-20 17:59:04	Name: __upints Value: 1643272322
.yandex.ru/	1970-01-23 16:03:52	Name: yuidss Value: 8187083541643272320
.yandex.ru/	1970-01-20 09:13:28	Name: ymex Value: 1958632322.yrts.1643272322#1958632322.yrtsi.1643272322
x01.aidata.io/	1970-01-20 00:32:11	Name: mts Value: 1
.1dmp.io/	1970-01-20 09:13:28	Name: uid Value: 9a2ba8b0-7f4b-11ec-a15e-901b0e8d6a9d
.1dmp.io/	1970-01-20 00:27:52	Name: 9a2ba8b1-7f4b-11ec-a15e-901b0e8d6a9d Value: cGlkPXcmbz1ucyZjaWQ9ZDUzMjkyNWUtMzcwYS00OTEzLTkyMzgtZThiOTEyMDYyNDdmJmJyaWQ9M2ZkYzgyNjctMjMyMy00ZmY1LTgwZmUtZGMyODEzYTk3NDJlJnVpZD01ZjZTYWZIcg==
.relap.io/	1970-01-23 16:03:52	Name: lsts Value: 1643272322
.relap.io/	1970-01-20 00:29:18	Name: hllc Value: 2
.relap.io/	1970-01-20 09:13:28	Name: rlpagcs Value: eyJ0cyI6MTY0MzI3MjMyMiwidWlkIjoiQ01Ma3RjRldTNVNLdXBmbEl4WDJlU3VnPT0ifQ--bb6f986133b5bade4f15df0fadc7831d922967df27f8cba268a40465a4b5e585
.mail.ru/	1970-01-20 09:14:54	Name: VID Value: 1epN2e1MCW2700000a18H4Y7:::0-0-0-70cb143:CAASEBq1tTn5pOuUu90zXvLpDXoaYJ6ugd_Ja6yaD5BoIorkhFbRj2W6b2n0XrPPWrHbItPEiObkkD4U6FkmRJNdmdpObFXxzvP3LvX8U84AFgP_IQYhNabx4QAWia2a1sircI7F-U-yTSU0-HuFl0ftck9sYA
.bumlam.com/	1970-01-27 07:39:52	Name: suuid3 Value: IiQ5OWVkMzBiYy03ZjRiLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.mts.ru/	1970-01-20 09:00:30	Name: dspid Value: 5a9f5a50-a512-47d9-a164-de31cf05aa34
.mts.ru/	1970-01-23 14:51:52	Name: mts_id Value: fda573f5-c2d9-4440-af43-63a6eb25cbdf
.mts.ru/	1970-01-23 14:51:52	Name: mts_id_last_sync Value: 1643272324
.rubiconproject.com/	1970-01-20 09:13:28	Name: khaos Value: KYWPWX5C-6-5C3M
.doubleclick.net/	1970-01-20 17:59:04	Name: IDE Value: AHWqTUkMoDRuNMdYsu4WNZhX3bmPCc-A9SL-94Xf-7oxNA54xY4F3-KbS2fIWnrCrOU
.mathtag.com/	1970-01-20 09:53:47	Name: uuid Value: b62961f2-5885-4100-9426-24899c97d7ec
.rlcdn.com/	1970-01-20 09:13:28	Name: rlas3 Value: AezJiB5AeUIlCwwSP9qVWcWja7iHt21Tc6vYNjf2GSc=
.rlcdn.com/	1970-01-20 01:54:16	Name: pxrc Value: CAA=
.everesttech.net/	1970-01-20 09:13:28	Name: everest_g_v2 Value: g_surferid~YfJYhQABqOjwYQBH
.yahoo.com/	1970-01-20 09:13:49	Name: A3 Value: d=AQABBIZY8mECECxOxDCbs8VhWkUrlJDjsOMFEgEBAQGq82H8YQAAAAAA_eMAAA&S=AQAAAptNbsKyvufJ2PZEpqX7WyM
.rubiconproject.com/	1970-01-20 09:13:28	Name: audit Value: 1\|76U+dvVV67u1duxGbcHTlA9tA5cFSzy0uZBzv9ncEEbKrqjHmD7F6/4yxAI7G+C4ghtkZ0nEarXLv0ZnN1+t0Vm3DUAyuHnL

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1618592205083780&output=html&adk=1812271804&adf=3025194257&lmt=1643272320&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F45.147.197.153%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643272317983&bpp=2051&bdt=211&idt=2241&shv=r20220125&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8308117961566&frm=20&pv=2&ga_vid=1649886428.1643272320&ga_sid=1643272320&ga_hid=1905789894&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064215&oid=2&pvsid=2142504922673794&pem=90&tmod=691849559&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2254 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://45.147.197.153/images/logo-knigi-for-me.png Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://45.147.197.153/books/228816/228816.jpg Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://45.147.197.153/books/289094/289094.jpg Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://45.147.197.153/images/bg2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://45.147.197.153/images/decor.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://45.147.197.153/templates/mg-v2-select-utf8-111/images/book.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.betweendigital.com
ads.yahoo.com
adservice.google.co.jp
adservice.google.com
an.yandex.ru
ap.lijit.com
c.hit.ua
cache.betweendigital.com
cdn.adfinity.pro
cm.g.doubleclick.net
cm.p.altergeo.ru
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
matchid.adfox.yandex.ru
mc.yandex.ru
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel.konnektu.ru
pixel.rubiconproject.com
pixel.tapad.com
pool.admedo.com
pr-bh.ybp.yahoo.com
px.adhigh.net
relap.io
s.relap.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
sm.rtb.mts.ru
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1dmp.io
sync.bumlam.com
sync.mathtag.com
sync3.adsniper.ru
tech.rtb.mts.ru
token.rubiconproject.com
top-fwz1.mail.ru
www.google-analytics.com
www.googletagmanager.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
yandex.ru
yastatic.net
an.yandex.ru
103.229.206.240
107.178.244.193
130.193.58.13
138.201.139.144
142.250.196.130
142.251.42.194
151.101.2.49
151.236.92.146
193.232.150.45
2001:6d0:4001::226
203.195.121.142
209.191.163.210
213.19.162.80
213.87.44.187
217.66.147.165
217.69.133.145
23.10.15.201
23.36.110.226
2404:6800:4004:808::2002
2404:6800:4004:80b::2002
2404:6800:4004:80c::2003
2404:6800:4004:80f::2008
2404:6800:4004:81e::200a
2404:6800:4004:81f::200e
2404:6800:4004:820::2002
2404:6800:4004:824::2002
2406:2000:a4:9fe::1
2406:da18:929:5a00:418f:227e:8fb9:f91
2606:4700:10::6816:37ce
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::90
2a02:6b8:a::a
2a03:90c0:9995::9995
3.115.90.45
31.172.81.159
35.190.60.146
35.213.12.39
35.227.202.26
45.147.197.153
51.79.234.100
52.69.231.228
8.39.36.141
88.99.149.88
89.108.119.28
89.184.81.35
95.163.37.253
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
07073217c92a44135bac05794afd5ed9ecf8703690dbe941e00c3cfb669da2f1
0a26812cc6764a9936425a3a51e220413328849eb2dcd4b6c7f7d16c1ea245b0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2092a068f894d7291557af058e78c6fb137d2eaccc29a74ded683b6d66164e
0df32c790bf3e270685bc509c332943cd48fb6fb60cb8bce8d2ce0c33782fa91
0e7624e479f2ca1914a75398a2b6fa19878660ff35e2a187ec0eb6cdcee9324e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0fe50ec7d8c4a0423a924655a052545f189a0af2d5007fcfb4db918fe20d1865
1006cd4ad1bf8d42c932551ed187ef709087d51d87bcac6cf76ed5699d0a3b7e
14551f3531734ac213ab93786390cd774636130ede5b8f12101e5d5760b88c77
1b4dbf1334d08a15c9cca9e17c0907a7b20df270c520cd6fedb6c84aad85518a
242d6485a362700f177f354c8c3d9f24b593179940cf3d54d52ff4e4676056ce
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
255f58e9e24585580ba98e3fee970f4444fb5f9e6dfa762586aa5c5a5a09ad8b
269e19cf2771f13a83636361458588ed73621684f28ec3a3cc51f03264941af9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
3047eed89ae9c763a86850da329a641b58c28c1627b34abc5ccf948311380c78
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39aed9fd5db6824ab7e8cdd0d2388d1922fff7626164848de5263b0abfd15e1a
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3dae7f452f59e4d2307f11d2921534d0d46dfc05ca416c0990c225179c51f66e
3ef7f4810e2b4133e64caeaf324536530b649c8b7937bd907687397275bfb579
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4192fdd899dbc661d87b1b77733ac45a66db55c21ca43303a94adb2dd9e9c8f9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4fbd646370ff39ef500f14d86c6670cccbe16eb60874b840a187962aa34a9317
502232c0221d75c8ecea88239eb55d1ced95f84661b9a7b9afb8dd22e1e259a4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59725fe9e622907c1019a51cac69abb6b78d01236dbb55a12c7831ededd33c58
5a0711978ec16c3c675cf046bdbda23447d7924d0092d415bc4f496ae50a615b
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
6016bddc230562095fdd60a2ec74f7d2a05dcb2173a46e68b931b9e1706c976e
60a2d65a343fbf9aeaba3ae26754316932abb2db07a60c2de319461f27306517
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
67daf2a227e705ee770414f77f0266dfd96bab6f8051cf96d62fad683fea7910
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f83ab29b7c572f2cd1fd04ef69c8638134e5118d967a47538f621332baea4a8
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8556c63df112979402a23d5878d6cc30309c8447ca2fbad6ce147bb732e52255
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
94f5256c30756a47b69c430f810b57dab395331ebd8e4bb2ecba355da9e0ebf9
9aad9b0a2ab753474e4128814f19a34cbb16e0aff1ceb750309c4b72b41ad47c
a0d19675afe51c0f85efd200a09437bd5f2289876952ac96d01371ea6d08c89b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a5de32ab9795b7235af3cd3566c49ad122862b6ba617f95373a2f195d2e008b1
a71b1b5fbccbb4c3a48571939dac528c22d28dd42f041dd8efee6e681ebd7ba2
a9ced29a8ee972be8f31208c85f6f9d4158f1add53a255fbacf684736cff122c
ad1739793d6985930fe09000a5aab5dddf88b7415fd69d4ea6815c3e26d6335a
af3d1a33c516417bd9c86d4618e91ef85fa7f155937cf4ce29945c9a74b6e739
af8c1bac3d15781ca0fba0dc9b376a49e9d64ca8ebacf1681e7abb141d8440a9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f01cb8ad829c32b9b864a3c53e361b30bc7770ce4cf7c42d9b7922f016056b
b2dd3526d9bbe77c9eb04636762b8546f36df4499c7c77b7d5767544725177ba
ba59cb388eaa9ca1182aac64201064469ebed36e2087144d272da9233130b15f
bc3a5f523fa206bd7c75f79d53076ea678645acb757e412f8ae437bad377d430
bfa8c35cc60a807de0c048b197a19270e04e580e9771fc220c8e01c514f8c212
c185adf20370897c5c477e9a8e00c2824212f486e8b0986dcdc19cdcd5f95eda
c36edebe686c829c7093c37f6089e524c0a9f26a1fa2a993adad7f4a66199a35
c85f5a1c47e015e67ab335b47d581c645561e2664e3a257aa421e86470f42758
cbb9c57f655f50152014f9a6dbf02d795d03ccd1a85fc9b5e02e25af2bfe7fde
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdfbc512d5bdb0cadeb7dd2a9bee536043615c65d0ce93aa770c2119a2c3d6ba
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0abdbd997ebec75df931fbccff795fdaa697daccf6e09f1b3014ffb9ab2b0d5
d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a
d2a4d131bd14a3fa0e89f5dc3fb1c387b0b64e00d93d7709f20972f36dbb2c07
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0c7f5b629e296373b39fb59394961426f3d4f1cdfc967d2254ba342d507eb97
e1c057a64047a84ffcfa86f58911112067392eecb75dc292a7a5610c20b3e591
e3321179e5435b0f307fef248c97b6b71af32a6bfd2809c3075de1048ffe50f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb1844fcc4bf1d62b69602a2b0b49b3b1e4628aaeecb4b571dce11ed044f922c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4c4f3c64a6fffe7e6ffd9217a92f6b97a45daafba2565a23938d14bde893f50
f7db1936bab93485145d5f3d1a84045bf1494c1da75bbd87c83765d61f86de8f

45.147.197.153 Open in urlscan Pro 45.147.197.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

112 Requests

54 %HTTPS

38 %IPv6

38 Domains

51 Subdomains

34 IPs

9 Countries

2237 kBTransfer

4668 kBSize

62 Cookies

6 Outgoing links

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

45.147.197.153 Open in urlscan Pro
45.147.197.153 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

54 %
HTTPS

38 %
IPv6

38
Domains

51
Subdomains

34
IPs

9
Countries

2237 kB
Transfer

4668 kB
Size

62
Cookies

112 HTTP transactions
-1 data transactions