premiuminter.forum2x2.ru Open in urlscan Pro
94.23.159.185 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://qr-adv.com/26im0
Effective URL:
https://premiuminter.forum2x2.ru/forum
Submission: On March 13 via manual (March 13th 2021, 4:37:45 pm UTC) from RU

Summary HTTP 107 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 39 IPs in 7 countries across 30 domains to perform 107 HTTP transactions. The main IP is 94.23.159.185, located in London, United Kingdom and belongs to OVH, FR. The main domain is premiuminter.forum2x2.ru.
TLS certificate: Issued by R3 on January 17th 2021. Valid for: 3 months.

This is the only time premiuminter.forum2x2.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:dd6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	94.23.159.185 94.23.159.185	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3030::ac43:9798	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	23.111.9.57 23.111.9.57	33438 (HIGHWINDS2) (HIGHWINDS2)
13	2606:4700:20:... 2606:4700:20::ac43:48e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.23.156.217 2.23.156.217	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:303... 2606:4700:3033::6815:3fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a30d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:5aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	52.50.7.8 52.50.7.8	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:3ac5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2.23.156.235 2.23.156.235	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2606:4700:303... 2606:4700:3035::6815:57a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.34.123.238 52.34.123.238	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3037::ac43:8e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	130.211.31.231 130.211.31.231	15169 (GOOGLE) (GOOGLE)
12	2606:4700:303... 2606:4700:3034::6815:1cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	54.214.163.233 54.214.163.233	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:210... 2a02:26f0:2100:18f::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	3.229.248.93 3.229.248.93	14618 (AMAZON-AES) (AMAZON-AES)
1	18.208.241.4 18.208.241.4	14618 (AMAZON-AES) (AMAZON-AES)
2 8	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.202.70.106 34.202.70.106	14618 (AMAZON-AES) (AMAZON-AES)
2	52.59.160.25 52.59.160.25	16509 (AMAZON-02) (AMAZON-02)
4 5	3.126.63.176 3.126.63.176	16509 (AMAZON-02) (AMAZON-02)
3 5	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
2 2	52.49.114.167 52.49.114.167	16509 (AMAZON-02) (AMAZON-02)
107	39

1 2606:4700:3031::ac43:dd6a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qr-adv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.23.159.185 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)

premiuminter.forum2x2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::ac43:9798 (United States)

ASN13335 (CLOUDFLARENET, US)

illiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.57 (United States)

ASN33438 (HIGHWINDS2, US)

twemoji.maxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::ac43:48e9 (United States)

ASN13335 (CLOUDFLARENET, US)

2img.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.156.217 (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-156-217.deploy.static.akamaitechnologies.com

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:3fe (United States)

ASN13335 (CLOUDFLARENET, US)

i.servimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a30d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:5aab (United States)

ASN13335 (CLOUDFLARENET, US)

connect.topicit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.50.7.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-7-8.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:3ac5 (United States)

ASN13335 (CLOUDFLARENET, US)

adstune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.156.235 (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-156-235.deploy.static.akamaitechnologies.com

cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3035::6815:57a9 (United States)

ASN13335 (CLOUDFLARENET, US)

superonclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.34.123.238 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-123-238.us-west-2.compute.amazonaws.com

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:8e31 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 130.211.31.231 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 231.31.211.130.bc.googleusercontent.com

discovernative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3034::6815:1cb (United States)

ASN13335 (CLOUDFLARENET, US)

cdnativ.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.214.163.233 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-214-163-233.us-west-2.compute.amazonaws.com

events.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:2100:18f::2c79 (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.229.248.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.241.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-241-4.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.87 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.70.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.160.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.126.63.176 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-63-176.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.114.167 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	2img.net 2img.net	21 KB
12	cdnativ.com cdnativ.com	576 KB
12	avantisvideo.com cdn.avantisvideo.com static.avantisvideo.com cdn1.avantisvideo.com avm.avantisvideo.com events.avantisvideo.com	79 KB
10	aniview.com play.aniview.com player.aniview.com track1.aniview.com go1.aniview.com sync.aniview.com	190 KB
8	adnxs.com 2 redirects secure.adnxs.com ib.adnxs.com	7 KB
7	advertising.com 4 redirects ads.adaptv.advertising.com pixel.advertising.com	2 KB
6	superonclick.com superonclick.com	35 KB
5	yahoo.com 3 redirects ups.analytics.yahoo.com	4 KB
5	viglink.com cdn.viglink.com api.viglink.com	31 KB
4	discovernative.com discovernative.com	4 KB
4	google-analytics.com www.google-analytics.com	38 KB
4	illiweb.com illiweb.com	25 KB
4	forum2x2.ru 1 redirects premiuminter.forum2x2.ru	74 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
3	criteo.com bidder.criteo.com gum.criteo.com	458 B
3	criteo.net static.criteo.net	38 KB
2	adsrvr.org 2 redirects match.adsrvr.org	990 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	650 B
2	ufpcdn.com ufpcdn.com	3 KB
2	googlesyndication.com pagead2.googlesyndication.com	98 KB
2	adstune.com adstune.com	40 KB
2	taboola.com cdn.taboola.com	134 KB
2	googletagmanager.com www.googletagmanager.com	78 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	topicit.net connect.topicit.net	2 KB
1	servimg.com i.servimg.com	2 KB
1	maxcdn.com twemoji.maxcdn.com	5 KB
1	googleapis.com ajax.googleapis.com	33 KB
1	qr-adv.com 1 redirects qr-adv.com	1 KB
107	30

	Domain	Requested by
13	2img.net	premiuminter.forum2x2.ru
12	cdnativ.com	superonclick.com
6	ib.adnxs.com	player.aniview.com
6	superonclick.com	premiuminter.forum2x2.ru superonclick.com
5	ups.analytics.yahoo.com	3 redirects
5	pixel.advertising.com	4 redirects
4	track1.aniview.com	player.aniview.com
4	events.avantisvideo.com	cdn.avantisvideo.com
4	discovernative.com	premiuminter.forum2x2.ru superonclick.com
4	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
4	api.viglink.com	cdn.viglink.com premiuminter.forum2x2.ru
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	illiweb.com	premiuminter.forum2x2.ru
4	premiuminter.forum2x2.ru	1 redirects premiuminter.forum2x2.ru
3	player.aniview.com	cdn.avantisvideo.com player.aniview.com
3	static.criteo.net	premiuminter.forum2x2.ru
2	match.adsrvr.org	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	ads.adaptv.advertising.com	player.aniview.com
2	secure.adnxs.com	2 redirects
2	ufpcdn.com	superonclick.com
2	pagead2.googlesyndication.com	premiuminter.forum2x2.ru
2	adstune.com	premiuminter.forum2x2.ru adstune.com
2	bidder.criteo.com	static.criteo.net
2	cdn.taboola.com	premiuminter.forum2x2.ru cdn.taboola.com
2	cdn.avantisvideo.com	premiuminter.forum2x2.ru cdn.avantisvideo.com
2	www.googletagmanager.com	premiuminter.forum2x2.ru adstune.com
1	sync.aniview.com	player.aniview.com
1	go1.aniview.com	player.aniview.com
1	play.aniview.com	cdn.avantisvideo.com
1	cdn1.avantisvideo.com	cdn.avantisvideo.com
1	www.google.de	premiuminter.forum2x2.ru
1	www.google.com	premiuminter.forum2x2.ru
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.avantisvideo.com	cdn.avantisvideo.com
1	gum.criteo.com	static.criteo.net
1	connect.topicit.net	premiuminter.forum2x2.ru
1	cdn.viglink.com	premiuminter.forum2x2.ru
1	i.servimg.com	premiuminter.forum2x2.ru
1	twemoji.maxcdn.com	premiuminter.forum2x2.ru
1	ajax.googleapis.com	premiuminter.forum2x2.ru
1	qr-adv.com	1 redirects
107	43

This site contains links to these domains. Also see Links.

Domain
www.forum2x2.ru
www.google.ru
help.forum2x2.ru

Subject Issuer	Validity	Valid
m91.maxns.net R3	`2021-01-17` - `2021-04-17`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
illiweb.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
twemoji.maxcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-09` - `2021-11-09`	a year	crt.sh
2img.net Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
content.avantisvideo.com R3	`2021-02-22` - `2021-05-23`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
servimg.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
ssl418259.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-10-27` - `2021-05-05`	6 months	crt.sh
topicit.net Cloudflare Inc ECC CA-3	`2020-09-04` - `2021-09-04`	a year	crt.sh
viglink.com Amazon	`2020-12-13` - `2022-01-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-18` - `2021-08-18`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.avantisvideo.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
discovernative.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2022-03-04`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-24` - `2021-04-20`	6 months	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh

This page contains 12 frames:

Primary Page: https://premiuminter.forum2x2.ru/forum
Frame ID: DB07033D6189ADC324E2710A68B0EF15
Requests: 69 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=premiuminter.forum2x2.ru
Frame ID: 2962B3312D274D0D41FEB069023BDC01
Requests: 1 HTTP requests in this frame

Frame: https://adstune.com/ap/index.php?lang=ru&dim=728x90
Frame ID: DCC7DAD5951D24E45113442025A09688
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 4F5AB36C0C9B6778E51625B6ED0E6503
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: CC0E5B10436AE339B223CA29C5C8F59C
Requests: 10 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 6F51F1BD6E30B9186AAEAA47A7E931D8
Requests: 2 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 21126CE0019ED79F83660353B9B257CE
Requests: 1 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: A4723F40C752FF4D3187CCD7F0F732A5
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 36503A032FA33D3A321D9AA2BA2A1FFD
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5E80A0EEAE3C1EEC591325B38E46395E
Requests: 4 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018
Frame ID: C0C1D79EF438B2F27588A5591FDBEDF2
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1615653450286-988909042651-020248-003-004980&biddername=55&key=4739668865103727730
Frame ID: A1A9731E8303ED67B2CD3100AB127A30
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://qr-adv.com/26im0 HTTP 301
http://premiuminter.forum2x2.ru/forum HTTP 301
https://premiuminter.forum2x2.ru/forum Page URL

Page Statistics

107
Requests

100 %
HTTPS

52 %
IPv6

30
Domains

43
Subdomains

39
IPs

7
Countries

1513 kB
Transfer

3538 kB
Size

6
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.forum2x2.ru/

Search URL Search Domain Scan URL

URL: http://www.google.ru/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0CBwQFjAA&url=http%3A%2F%2Fpremiuminter.net%2Fr%2F872&ei=fm83VcvgGMObsAGw7oCABg&usg=AFQjCNEKJpT0hsuHIwiOUABRUxJpUhY7wg&bvm=bv.91071109,d.bGg
Title:

Search URL Search Domain Scan URL

URL: http://www.google.ru/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0CBwQFjAA&url=http%3A%2F%2Fpremiuminter.net%2Finvite.php%3Fpartnerid%3D872&ei=um83VdSkF4H6sgHwlIDYDA&usg=AFQjCNEz7wi5uYil7FFmxmXKxEP2PY_fiw&bvm=bv.91071109,d.bGg
Title:

Search URL Search Domain Scan URL

URL: http://www.google.ru/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0CBwQFjAA&url=http%3A%2F%2Fpartnernamebusiness.blogspot.ru%2F&ei=6m83VfPhLISpsgGulICgCA&usg=AFQjCNHZNU15OnVwZ4-8LuVF5EIhmfq5SQ&bvm=bv.91071109,d.bGg
Title:

Search URL Search Domain Scan URL

URL: http://www.google.ru/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CBwQFjAA&url=http%3A%2F%2Fpartnerid872.blogspot.ru%2F&ei=aHA3VZ73C8aUsgGwn4GoDg&usg=AFQjCNFZAMuBvVcPkKR9gDh2i5k4F4R_ZQ&bvm=bv.91071109,d.bGg&cad=rjt
Title:

Search URL Search Domain Scan URL

URL: http://www.google.ru/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CBwQFjAA&url=http%3A%2F%2Fchanceforward.blogspot.ru%2F&ei=qHA3VeDKGoSpsgGulICgCA&usg=AFQjCNFXz0v32QdYFt-9o3Y_aq721D4PPQ&bvm=bv.91071109,d.bGg&cad=rjt
Title:

Search URL Search Domain Scan URL

URL: https://www.forum2x2.ru/invision
Title: Invision

Search URL Search Domain Scan URL

URL: https://help.forum2x2.ru/
Title: Бесплатный форум поддержки

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://qr-adv.com/26im0 HTTP 301
http://premiuminter.forum2x2.ru/forum HTTP 301
https://premiuminter.forum2x2.ru/forum Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615653450286-988909042651-020248-003-004980%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1615653450286-988909042651-020248-003-004980%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1615653450286-988909042651-020248-003-004980&biddername=55&key=4739668865103727730

Request Chain 106

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP67d2dafa-841a-11eb-80a1-02744da311a6 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP67d2dafa-841a-11eb-80a1-02744da311a6&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA2N2QyZGFmYS04NDFhLTExZWItODBhMS0wMjc0NGRhMzExYTY%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_hm=VVA2N2QyZGFmYS04NDFhLTExZWItODBhMS0wMjc0NGRhMzExYTY%3D&google_tc= HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEE_5Wp-DLCsRmMY6ixDfyDc&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEE_5Wp-DLCsRmMY6ixDfyDc&google_cver=1&apid=UP67d2dafa-841a-11eb-80a1-02744da311a6

Request Chain 107

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YEzqSwAAAI4t1FLS HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=YEzqSwAAAI4t1FLS&_origin=0&gdpr=0&gdpr_consent=&_test=YEzqSwAAAI4t1FLS HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YEzqSwAAAI4t1FLS&_origin=0&gdpr=0&gdpr_consent=&_test=YEzqSwAAAI4t1FLS&apid=UP67d2dafa-841a-11eb-80a1-02744da311a6 HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YEzqSwAAAI4t1FLS&_origin=0&gdpr=0&gdpr_consent=&_test=YEzqSwAAAI4t1FLS&apid=UP67d2dafa-841a-11eb-80a1-02744da311a6&verify=true

Request Chain 108

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://pixel.advertising.com/ups/55953/sync?uid=3c0c5ea2-07bd-4057-84f8-7c20934097f4&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=3c0c5ea2-07bd-4057-84f8-7c20934097f4

107 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request forum Show response
premiuminter.forum2x2.ru/
Redirect Chain

http://qr-adv.com/26im0
http://premiuminter.forum2x2.ru/forum
https://premiuminter.forum2x2.ru/forum

91 KB
17 KB

275ms
210ms

Document
text/html

94.23.159.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

09f6e14499621a09d0f0f510a2eb79ae0790f315ddb5195c3a543b2b3df40204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: premiuminter.forum2x2.ru
:scheme: https
:path: /forum
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Sat, 13 Mar 2021 00:00:00 GMT
last-modified: Sat, 13 Mar 2021 16:37:27 GMT
vary: User-Agent
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip

Redirect headers

Date: Sat, 13 Mar 2021 16:37:27 GMT
Content-Length: 0
Location: https://premiuminter.forum2x2.ru/forum

GET
H2 200 0-ltr.css
premiuminter.forum2x2.ru/ 159 KB
57 KB 316ms
313ms Stylesheet
text/css 94.23.159.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://premiuminter.forum2x2.ru/0-ltr.css

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

6c0802d3b7592ad9704c902834de8a94047b553276d5b12bd8d79e58eb214a75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://premiuminter.forum2x2.ru/forum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 13 Mar 2021 00:00:00 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
content-length: 57818
x-xss-protection: 1
x-cache-ma: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
33 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 11:34:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18192
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Mar 2022 11:34:15 GMT

GET
H2 200 ru.js Show response
illiweb.com/rs3/19/frm/lang/ 71 KB
17 KB 39ms
14ms Script
application/x-javascript 2606:4700:3030::ac43:9798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/19/frm/lang/ru.js

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9798 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd0d207d94ae86a47189f9f8aa63fa4bdad52d2ebcfb6c50fb8772ab39ffd5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 178710
cf-polished: origSize=73039
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c404a00004e2c962cb000000001
x-cache-ne: HIT
last-modified: Tue, 19 Jan 2021 09:52:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eVHvd8CqIBD3tyX1YctO5cc4EDKvmPGw2zYDUgAIJjrYft6CFu6mDPfbkAdIlPPOqd%2FXYMM%2BHoSCL3jziJVlbkcl4AhePxgkDfZRCO3XAHSBOWis%2FQIR2Q%3D%3D"}],"group":"cf-nel"}
content-type: application/x-javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 62f6afe07bdc4e2c-FRA
expires: Fri, 11 Mar 2022 14:58:57 GMT

GET
H2 200 invision.js Show response
illiweb.com/rs3/19/frm/ 2 KB
865 B 40ms
15ms Script
application/x-javascript 2606:4700:3030::ac43:9798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/19/frm/invision.js

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9798 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1b0a91fd6eb5029cabacc3c14c13144f97a64d3b261082bd78bd95c71a86d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 178710
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c404a00004e2cc68a5000000001
x-cache-ne: EXPIRED
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BpW2iGqeNCoeBAHon0hLTDDEU4IMbsh4qCMJzM%2FZJLYoVAEs%2FpTmI%2FrzSw4kcAQK1P4N86HNQlXb%2BwXINcycD0Cgy8Uv3JsnIkEMfa1Nd9pcB3NdJAhKbg%3D%3D"}],"group":"cf-nel"}
content-type: application/x-javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 62f6afe07bdf4e2c-FRA
expires: Fri, 11 Mar 2022 14:58:57 GMT

GET
H2 200 99850.js Show response
premiuminter.forum2x2.ru/ 62 B
392 B 154ms
151ms Script
application/x-javascript 94.23.159.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://premiuminter.forum2x2.ru/99850.js

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

74d3169e34286a8c8386a74e29aa6955c91090828c2cb4ecd15643b7a968004c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://premiuminter.forum2x2.ru/forum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jan 1970 00:14:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
content-length: 78
x-xss-protection: 1
x-cache-ma: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 114 KB
37 KB 87ms
41ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 69e31d53d95f965695db3712f85925810e90cc839a793c87adfcb21eb637673e

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:30 GMT
server: nginx
etag: W/"6034e04e-1c974"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 14 Mar 2021 16:37:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144347007-1

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51d8dee93fd9cec3fbba837c93a17f047717bd79a8a5c2c1a265ff9475aa83ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39775
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Mar 2021 16:37:27 GMT

GET
H2 200 jquery.cookie.js Show response
illiweb.com/rs3/19/frm/jquery/cookie/ 1011 B
1 KB 36ms
12ms Script
application/x-javascript 2606:4700:3030::ac43:9798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/19/frm/jquery/cookie/jquery.cookie.js

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9798 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 178737
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c404a00004e2ce10bc000000001
x-cache-ne: HIT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G1IszGGHLnnVNx%2F5sEkpYz6qZqKzNZLpBJTLpPIei%2BnCxGNjs8%2FTvHdLla9EY1n%2B3aBo1QeF58pCZcpejVZ8Tx3ROEoia3Srjv%2FFVggPdB%2FxCZJiabulhA%3D%3D"}],"group":"cf-nel"}
content-type: application/x-javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 62f6afe07be04e2c-FRA
expires: Fri, 11 Mar 2022 14:58:30 GMT

GET
H2 200 FAToolbar.js Show response
illiweb.com/rs3/19/frm/jquery/toolbar/ 24 KB
6 KB 37ms
14ms Script
application/x-javascript 2606:4700:3030::ac43:9798
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/19/frm/jquery/toolbar/FAToolbar.js

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9798 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb0e83d250dcb9a567f0845e7e7f7870d1f8881974fbbb83d060431b755dec81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 178737
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c404a00004e2c9a374000000001
x-cache-ne: HIT
last-modified: Tue, 29 Sep 2020 15:27:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6l32ucsFYEgMJJa4xkSwlVXff9s2MuGbeXQWpbcyo%2BV5%2BtjV0Q6RpHEgIJKLanbVP7ZOutNbUQ8ifHxrFmASCfRGSmSxBvUnWu8CCdcp99Ksa23f4xiyWw%3D%3D"}],"group":"cf-nel"}
content-type: application/x-javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
x-cache-pr: HIT
cf-ray: 62f6afe07be24e2c-FRA
expires: Fri, 11 Mar 2022 14:58:30 GMT

GET
H2 200 twemoji.min.js Show response
twemoji.maxcdn.com/ 15 KB
5 KB 100ms
29ms Script
application/javascript 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://twemoji.maxcdn.com/twemoji.min.js
Requested by: Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 637282f23b8352c04ecc9dd7b4e1ffb23f8102517d010afaa447b2fb889b689e

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: eeaf48018d3dc584fc1415dccc5b5c698b9d531a
date: Sat, 13 Mar 2021 16:37:27 GMT
content-encoding: gzip
x-cache: HIT
powered-by: MaxCDN
last-modified: Fri, 17 Jul 2020 05:18:40 GMT
server: NetDNA-cache/2.2
x-github-request-id: 803C:7A5A:D256CF:DCA4B6:6047C7B5
etag: W/"5f1134b0-3bc8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Mon, 12 Apr 2021 16:37:27 GMT

GET
H2 200 empty.gif
2img.net/i/fa/ 42 B
905 B 35ms
18ms Image
image/gif 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/empty.gif

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2018482
cf-polished: status=not_needed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4blupgF1qiGru6FaZ6Yuhjmsz68tb8eJCzIe0wut6L01KwQ3qj3nrnawetORJRSXb2kLJ66GUxeq4kyjktnkqTW46K0gp1koYOyCnBd9S48C4VZuaQ%3D%3D"}],"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 08ce0c40e200004aaf49b50000000001
accept-ranges: bytes
cf-ray: 62f6afe16fc44aaf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 empty.gif
2img.net/i/ 43 B
378 B 11ms
10ms Image
image/gif 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/empty.gif

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2187039
cf-polished: status=not_needed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Mon, 09 May 2016 08:45:50 GMT
server: cloudflare
etag: "57304e3e-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C3%2BuQLTqf8rvckkSv%2B9g4zld%2B1lwRY%2FR2Jwt3G89oraCUlpV3saAD6Hep4rPFsc6XX5iEwO8GJ4On%2F98lgNTskz8fQcBxuMlcWA9%2FZHKQqREq6bMSA%3D%3D"}],"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 08ce0c40f100004aaf502bc000000001
accept-ranges: bytes
cf-ray: 62f6afe18fe64aaf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 bf_nonew.gif
2img.net/i/fa/invision/ 347 B
659 B 13ms
13ms Image
image/gif 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/invision/bf_nonew.gif

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88c316519db1cac5a1e26569c13777a8f1177fdb2d0f732e9af3e214efdac975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4958427
cf-polished: status=not_needed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-15b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xgUimzxQi%2BWMsWuYmf9IcGa6%2B2biOO2oCjEScBzt88UN%2FTlcoa%2BhAbNVy06e1MIIn4zgUCsE6K49xmBmQpquGOxg3RytiytSdIUOYoMmL2cFuG%2BdLg%3D%3D"}],"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 08ce0c410000004aaf99be4000000001
accept-ranges: bytes
cf-ray: 62f6afe19ff84aaf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 lastpost.gif
2img.net/i/fa/invision/ 53 B
360 B 10ms
10ms Image
image/gif 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/invision/lastpost.gif

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a2ae16febb6218317adbc00cf3a640256fcfd7f84c5ce3f612df78695739869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2018396
cf-polished: status=not_needed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1BVs31Y0ToAx7BSARDjaKqrjwM3X5ktFqhJRKB9v7vPBm04QQIciXbfXk0f4qoYCfHYm12JJ7xznIbR78C%2BfVNs6sWvRjh7FZbXOWPgLaCnopBt%2BLg%3D%3D"}],"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 08ce0c410c00004aaf33871000000001
accept-ranges: bytes
cf-ray: 62f6afe1a8114aaf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 user.gif
2img.net/i/fa/invision/ 785 B
1 KB 11ms
11ms Image
image/gif 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/invision/user.gif

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee42844f6e6c978ca10465fc9a5f4c61631caf8d37d81a8aa6468b8cf0153e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4958427
cf-polished: status=not_needed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 785
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-311"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j3uW5g2XHyPwnqjX0QoYignHTTYU3xLCeXkjghBjZD2JtEQqKQI%2FQbo%2BySLAgisUNOnxYP5rvnXpvdUg1iiYky8GDP%2F86yDpztGjwgXfvaTOUIddCg%3D%3D"}],"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 08ce0c411700004aafa02f0000000001
accept-ranges: bytes
cf-ray: 62f6afe1b83c4aaf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 calen.gif
2img.net/i/fa/invision/ 743 B
2 KB 10ms
10ms Image
image/gif 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/invision/calen.gif

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

989f8331f21edcea690ea3a05d646abae9688ae75e61b2a5379f98cccb84dd5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4958427
cf-polished: status=not_needed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 743
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 10:59:25 GMT
server: cloudflare
etag: "5739a80d-2e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2E%2FA7yMfrrOZL6eEYWr2pNL4UT0nWCReeFsShLbRUIywiJlHmOHV6MR48Kg%2FC9%2BwBUtLAQtiTUzIr3FlWonSAporJC%2FUGKjU%2B3WC7LdCS4avO49dlg%3D%3D"}],"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 08ce0c412400004aaf99be6000000001
accept-ranges: bytes
cf-ray: 62f6afe1d8544aaf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 stats.gif
2img.net/i/fa/invision/ 768 B
1 KB 13ms
12ms Image
image/gif 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/invision/stats.gif

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0cdaa0db2e3c35fdca1e81ab6e540e5408531266d2cb1f39f77b336b6d8c64a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4958427
cf-polished: status=not_needed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 768
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f%2BgbY0eZizE1CJAJmEKa9A6%2F32j6STIqgVyAOvbobcl9ds4nU%2Bwg6fSJhAPOl1%2FUF3J8Wwv55V%2BRxxo1pPvaWvgUmYmFx%2F3L4EXWoT2jtFvjraTX6Q%3D%3D"}],"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 08ce0c413000004aaf97b22000000001
accept-ranges: bytes
cf-ray: 62f6afe1e86b4aaf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 bf_new.gif
2img.net/i/fa/invision/ 347 B
683 B 12ms
11ms Image
image/gif 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/invision/bf_new.gif

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655edd3c630302bcaf2690418226595dee314ed8ecf6747d7ef9a3e012e116a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4958428
cf-polished: status=not_needed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-15b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bHgPGmKmRqFBRlhUVG%2BkwP9zLmFZLAX4GLqbwQN9A%2BzDfAc1%2FUa7xIscEJppDBbV4j6UuQ3HuikvaaKn57asu%2F6Tu8ktGwq8G41VsU0oha61sKEPFw%3D%3D"}],"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 08ce0c413d00004aaf4f0d7000000001
accept-ranges: bytes
cf-ray: 62f6afe1f88d4aaf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 bf_locked.gif
2img.net/i/fa/invision/ 437 B
858 B 11ms
11ms Image
image/gif 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/invision/bf_locked.gif

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38d8555ff90122f749911d02b87f5006d576441e0b674a61ac202bbef74db7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2160046
cf-polished: status=not_needed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 437
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-1b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ead349EJVXMOnWRwHIRvgHvXgSpoD2JEDWk9vmXudmBe6CAR0zn%2F9l8ZjIbnKUoo%2BH6hSJuFf0kpLkeBh4OsjbQwCRYHQbrF4%2FRc94FKoRXzWZJmjA%3D%3D"}],"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 08ce0c414a00004aaf229a8000000001
accept-ranges: bytes
cf-ray: 62f6afe208b94aaf-FRA
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK video-loader.js Show response
cdn.avantisvideo.com/avm/js/ 53 KB
18 KB 176ms
67ms Script
application/javascript 2.23.156.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Requested by: Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.156.217 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-156-217.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d4390447cdbeb188fcda3f6593cbb3ebb1db6fe26ddf5589e00c5bce297ce38a

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JC1MZXnTlq5q1hwwM7uac4dOsQCTW8Fq
Content-Encoding: gzip
Last-Modified: Wed, 02 Dec 2020 10:42:18 GMT
Server: AmazonS3
x-amz-request-id: WXBAWRS5ZC44BZ31
ETag: "68c180f02ff8411308f6cfc922d94aa4"
Vary: Accept-Encoding
Content-Type: application/javascript
CDN-Origin-Protocol: HTTP
Date: Sat, 13 Mar 2021 16:37:28 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Forward-Proto: http
Content-Length: 18189
x-amz-id-2: gVdFqHj/HH4rFqUPj52m46tDpqSBP97sv47x/FNiWzPQtcHA29hSO8LozwJLYUZEFrEuxgjIIRY=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144347007-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2093
date: Sat, 13 Mar 2021 16:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 13 Mar 2021 18:02:35 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/forumotion-ru/ 231 KB
26 KB 75ms
25ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/forumotion-ru/loader.js
Requested by: Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c32c2af1ecbd99afd16fb18d2eb32e254b5eae460ffb4580cac2f5b8d47c954a

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0GRqoNC27ObEUmfJPUL4z9HVQR7yUpOo
content-encoding: gzip
etag: "a2be4cc4eddfbd76811c94c166996002"
age: 56
x-cache: HIT
content-length: 25857
x-amz-id-2: HaIn9HLia39wzub2zebiX4iBwc+Eve5vjvXvbF7gM702j9nYWFuqwHEGjHnXGUyr2H0iyoa7CHg=
x-served-by: cache-hhn11560-HHN
last-modified: Thu, 11 Mar 2021 15:52:47 GMT
server: AmazonS3
x-timer: S1615653448.170523,VS0,VE1
date: Sat, 13 Mar 2021 16:37:28 GMT
vary: Accept-Encoding
x-amz-request-id: 1D8PNVMTF5XRDVS1
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 46
x-cache-hits: 1

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
154 B 124ms
39ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=105&profileId=206&cb=33612671576
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://premiuminter.forum2x2.ru
date: Sat, 13 Mar 2021 16:37:27 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 f9847f10.png
i.servimg.com/u/f36/19/09/71/12/ 1 KB
2 KB 146ms
129ms Image
image/png 2606:4700:3033::6815:3fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f36/19/09/71/12/f9847f10.png

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:3fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60ec113672b35cc4ba6f7176e42c212b0aba50f0c333d6e33e7a8eca8b8dcb94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-xss-protection: 1; mode=block
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1066
cf-request-id: 08ce0c41c600002c265892b000000001
last-modified: Sat, 11 Jan 2020 09:57:32 GMT
server: cloudflare
etag: "5e199c0c-42a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=71SNzizxqBmJutXNB41BTELQvyHW64eMCEP%2FgcVYfkLSMDnfaTmYUoHOhm74%2BUpk2gzeQLOM%2FH%2FrHAjxT8NqVPXhiJh4DJ6PCQWQNFk5VX4q7oVw6eOhlf4o"}]}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62f6afe2dc232c26-FRA
expires: Sun, 13 Mar 2022 16:37:28 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 23ms
22ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 08 Mar 2022 16:37:28 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 21ms
21ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 08 Mar 2022 16:37:28 GMT

GET
H2 200 nav.gif
2img.net/i/fa/invision/ 158 B
548 B 12ms
11ms Image
image/gif 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/invision/nav.gif

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/0-ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16bd0b41944c9e99eb13a384cc608888ba4fbed6cb9232136d5491affee57435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4958428
cf-polished: status=not_needed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 158
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x3D19oFq5sHD8HcF%2F8rYlClZ5KyySUZjWatNJgCS%2FM9l4JOV6cjKKz9YNKwB6BwWAl05cWilbV7dokKFy5tXasC9JqqEZtmGyYZcYANuRuVDl4XeQg%3D%3D"}],"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 08ce0c41bd00004aaf6aa4e000000001
accept-ranges: bytes
cf-ray: 62f6afe2c9d64aaf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 exp_minus.gif
2img.net/i/fa/invision/ 51 B
355 B 11ms
11ms Image
image/gif 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/invision/exp_minus.gif

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/0-ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d58ecf69035b4a041d10538b72c2f161068a8c3208ac91dc3b5444cc788ceef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 389480
cf-polished: status=not_needed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=40bh1y2SQG4rXq1rDyjO%2Blev6oayf29w0wZHJVzdbB73q7cj2uWkGS2eNvxZt38zGgT32fiLgg8mYrUzB0e6pjUd1L8o0DjgGiaC59mBZ0AmpARDdQ%3D%3D"}],"group":"cf-nel"}
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 08ce0c41bd00004aaf25bca000000001
accept-ranges: bytes
cf-ray: 62f6afe2c9d84aaf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 81 KB
28 KB 37ms
20ms Script
text/javascript 2606:4700::6810:a30d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2190555
cf-ray: 62f6afe2fd474a74-FRA
content-length: 28567
x-amz-id-2: +iEi8UmVzo9iHrCFkChLy99B1/aKbLPiIcrQBD56J2pS/TgGfzMbewvLekWcw7moy5/sEa7Wk4c=
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
server: cloudflare
etag: "072eaf64a771815874455704fca9301b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 756FF2C4F6403DBD
cache-control: public, max-age=604800
cf-request-id: 08ce0c41df00004a748b8d1000000001
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 20 Mar 2021 16:37:28 GMT

GET
H2 200 toolbar.png
2img.net/i/fa/i/toolbar/ 11 KB
11 KB 13ms
12ms Image
image/png 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/i/toolbar/toolbar.png

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/0-ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be829da434dbe7a5719faeb28277229a36314202fb4553b4e87b12298100a133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4958428
cf-polished: origSize=11066
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10894
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 08:34:44 GMT
server: cloudflare
etag: "57398624-2b3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2By2H8Z24qyRSDyk13YPc0WpAmyKCmjY%2FZbF9n9PYoUWP6OFyaKRrkgoAWIl0UZkgo76mMW06eXSF16SlPkENrw7UVTmv7AFhM%2BLXNQFrRW97l%2FRNUw%3D%3D"}],"group":"cf-nel"}
content-type: image/png
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 08ce0c41db00004aaf282f2000000001
accept-ranges: bytes
cf-ray: 62f6afe2fa284aaf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 pa0.png
2img.net/i/fa/i/toolbar/ 1 KB
1 KB 14ms
14ms Image
image/png 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/i/fa/i/toolbar/pa0.png

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/0-ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9ec80f2c1316c1d793007aa535ad6f381cce1ed7446881a768b9baee45972b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4958428
cf-polished: origSize=1087
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1084
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 08:34:43 GMT
server: cloudflare
etag: "57398623-43f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EeOgAvyt7TX80ACLUqhEqbLoiu7jHgvozuCMWyX5hGDaDBSlc0k2DeUtU0FpcayGBpb3QG8YUeTncNL2j52EUOCKpy3zZpcO0eKgutgf0ARq1rcShA%3D%3D"}],"group":"cf-nel"}
content-type: image/png
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-request-id: 08ce0c41da00004aaf77192000000001
accept-ranges: bytes
cf-ray: 62f6afe2fa2a4aaf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 connect.js Show response
connect.topicit.net/scripts/ 3 KB
2 KB 39ms
14ms Script
application/javascript 2606:4700:3033::6815:5aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.topicit.net/scripts/connect.js

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5aab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 535
cf-polished: origSize=5437
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c41fb00001776cd849000000001
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
server: cloudflare
etag: W/"5d653880-153d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RQ04s7UKi0Ej2eJNCHe2FBF8vHr7I3sM9h4HoJyDtwAzxUDDW1E2yz3LdpYr0a%2Fa7GQTkaUpdVz8jQxmU3dJ9XPvsXwHn5sVwqnGKyhWC0aXtV49tcoiq2y3pZoAAZRn"}]}
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-ray: 62f6afe32cda1776-FRA
cf-bgj: minify

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2962 0
150 B 67ms
23ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=premiuminter.forum2x2.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=premiuminter.forum2x2.ru
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://premiuminter.forum2x2.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://premiuminter.forum2x2.ru/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1540
date: Sat, 13 Mar 2021 16:37:28 GMT
content-length: 0

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
394 B 47ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=683759425&t=pageview&_s=1&dl=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&ul=en-us&de=UTF-8&dt=Premium%20Partnerid&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=332082843&gjid=455235904&cid=1951423017.1615653448&tid=UA-144347007-1&_gid=2082614239.1615653448&_r=1&gtm=2ou330&z=1872645255

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Mar 2021 16:37:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://premiuminter.forum2x2.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 259 B
994 B 195ms
54ms XHR
text/javascript 52.50.7.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.7.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-7-8.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: ee131d698e778c19b989fb146003f43a9c6b2aa4dd2f78bcce4bed1d3326da9a

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 13 Mar 2021 16:37:27 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://premiuminter.forum2x2.ru
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 259
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 impl.20210309-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ 469 KB
108 KB 24ms
24ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-ru/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xM_jL7h6ZB3QjV_JB3da2vLQ4nyQbNxG
content-encoding: br
etag: "75c949375e72662c18ea42e8379a148a"
age: 7968
x-cache: HIT
content-length: 110346
x-amz-id-2: 4OJS8xmIvCConlMlpn510Bx8V9+lPBDtQFn5Sq3U5nXNeh3HdhWEImzdx+y0gaBTXjzePT7NPPs=
x-served-by: cache-hhn11560-HHN
last-modified: Tue, 09 Mar 2021 14:16:13 GMT
server: AmazonS3-br
x-timer: S1615653448.232906,VS0,VE0
date: Sat, 13 Mar 2021 16:37:28 GMT
vary: Accept-Encoding
x-amz-request-id: S0GWY892V98WYC03
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 34
x-cache-hits: 43829

GET
H/1.1 200
OK abc.txt Show response
static.avantisvideo.com/data/ 29 KB
7 KB 38ms
7ms XHR
text/plain 2a02:26f0:6c00::210:ba40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfcafca6e9156d0bec58648f56126795dc7bfa78237227c71d7bab951e4b131b

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 13 Mar 2021 16:37:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Mar 2021 17:19:45 GMT
Server: AmazonS3
x-amz-request-id: 9A33WCQQW0DDX2XN
ETag: "2ffa36ad9e8658584b13d194c9b9b92c"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
CDN-Origin-Protocol: HTTP
Connection: keep-alive
Accept-Ranges: bytes
X-Forward-Proto: http
Content-Length: 6406
x-amz-id-2: 9IPoysAbwXv/4jCFRYL3ifmYPIj2vVKaqnCl2lLHZvDIBe3hSYJdlPWZMRMidMMSWSeacr1+wYk=

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-144347007-1&cid=1951423017.1615653448&jid=332082843&gjid=455235904&_gid=2082614239.1615653448&_u=IEBAAUAAAAAAAC~&z=939582305

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 13 Mar 2021 16:37:28 GMT
content-type: text/plain
access-control-allow-origin: https://premiuminter.forum2x2.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.php Show response
adstune.com/ap/ Frame DCC7 966 B
1 KB 138ms
114ms Document
text/html 2606:4700:3035::6815:3ac5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adstune.com/ap/index.php?lang=ru&dim=728x90

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3ac5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35e5b3f77ffe5a6a56d481a0ff76664c335f2913a6072b02fafb7f00a6322d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: adstune.com
:scheme: https
:path: /ap/index.php?lang=ru&dim=728x90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://premiuminter.forum2x2.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://premiuminter.forum2x2.ru/

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d417708b81bb93d43ff989e8ae22e01ae1615653448; expires=Mon, 12-Apr-21 16:37:28 GMT; path=/; domain=.adstune.com; HttpOnly; SameSite=Lax __cf_bm=9998fe4ed4f8e4de50ee734a44e2489ed6b59aaa-1615653448-1800-AWUzEO8S2qKBA9dSZ5OHQAXEW4k0jOQRvJrQINqzDuMIaROP21V8FMiQGzwJvczTPw7QhIWpE/7hEY8xal/cDgM=; path=/; expires=Sat, 13-Mar-21 17:07:28 GMT; domain=.adstune.com; HttpOnly; Secure; SameSite=None
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: HIT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-request-id: 08ce0c424a00004e2b862d6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3NLCJkx%2BS6U1X6bvMlZ5SW0joO9TGHftFmheasvBMMep9pgJwfzvFxSrmxuZGVDzJW74eblfhKvswjmiiOvruw82H4Z0qebtiPuHPoVVXA8dWnbxh9ku%2FA%3D%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62f6afe3ac2a4e2b-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4F5A 139 KB
49 KB 48ms
27ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46eb2c4af3ff749f7243d801a377b76fd92b43879f18b2e9cba36feab1bf9307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49986
x-xss-protection: 0
server: cafe
etag: 8899953364096147720
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 13 Mar 2021 16:37:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CC0E 139 KB
49 KB 39ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46eb2c4af3ff749f7243d801a377b76fd92b43879f18b2e9cba36feab1bf9307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49986
x-xss-protection: 0
server: cafe
etag: 8899953364096147720
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 13 Mar 2021 16:37:28 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
154 B 40ms
38ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://premiuminter.forum2x2.ru
date: Sat, 13 Mar 2021 16:37:27 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-144347007-1&cid=1951423017.1615653448&jid=332082843&_u=IEBAAUAAAAAAAC~&z=2030122419

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Mar 2021 16:37:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-144347007-1&cid=1951423017.1615653448&jid=332082843&_u=IEBAAUAAAAAAAC~&z=2030122419

Requested by

Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Mar 2021 16:37:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 6F51 42 KB
15 KB 164ms
58ms Document
text/html 2.23.156.235
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.156.235 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-156-235.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8418203f6ad21d8aa71baba1b849f312a50e38580bccfbbb7d6f7f7eec16cbdb

Request headers

Host: cdn1.avantisvideo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://premiuminter.forum2x2.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://premiuminter.forum2x2.ru/

Response headers

x-amz-id-2: U5YAcdWs9YOJEJyj5fR1WllrZjcNqNcr9wi8DtyAErkdPeh3h/l+j5N8Npj7YgWArA1CRXY26tE=
x-amz-request-id: K1KGWKGPYBFVFM8X
Last-Modified: Wed, 21 Oct 2020 12:02:12 GMT
ETag: "616cd2f36203ae3b124d70c803c7c7a7"
x-amz-version-id: aQTt0EDrJInn5h7oZRa4YKcA5m0mCAoF
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 13 Mar 2021 16:37:28 GMT
Content-Length: 15090
Connection: keep-alive
X-Forward-Proto: http
CDN-Origin-Protocol: HTTP

GET
H2 200 native_render.js Show response
superonclick.com/script/ Frame CC0E 4 KB
2 KB 34ms
17ms Script
application/javascript 2606:4700:3035::6815:57a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superonclick.com/script/native_render.js
Requested by: Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:57a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
date: Sat, 13 Mar 2021 16:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 585
x-guploader-uploadid: ABg5-UzJ7lgEiKUFGhYrK5SxuJsJQgE4SdYMS-t9cTG5Yzdg84cILO_mirDtT53GQQHRDO3KwTVST205yJCEfrbOt7o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c429b00004a5515b6b000000001
last-modified: Wed, 13 Feb 2019 10:15:50 GMT
server: cloudflare
etag: W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y%2F4IdksvVDw9taU4JO3v8FRcvky4Qj0HiVHTPiY0q4eBJhm6TRTN0%2Fkw9BZGIT0x5xd7d3bwNXrOJEtE7163plAMn4flzx3fm2ImklhtnsVhCt73A1pJE%2FheHmtu"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1550052950916101
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 4285
cf-ray: 62f6afe429dd4a55-FRA
expires: Sat, 13 Mar 2021 17:27:43 GMT

GET
H2 200 native_server.js Show response
superonclick.com/script/ Frame CC0E 9 KB
3 KB 36ms
20ms Script
application/javascript 2606:4700:3035::6815:57a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superonclick.com/script/native_server.js
Requested by: Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:57a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
date: Sat, 13 Mar 2021 16:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 585
x-guploader-uploadid: ABg5-Uwe094c7UyNwvbofmKRxuE8OGzIIj9-ZrsXsQ84opOrW3-kGUgI_YNGgO9RIqaxGi8zTD2il3AO_pYrjZW9RJw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c429a00004a550408a000000001
last-modified: Wed, 13 Feb 2019 10:15:52 GMT
server: cloudflare
etag: W/"51d87e9ebd831fccab6a016079a60793"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6hVywsKxxlMz8d2bF5NMyvDUIoEad0WexJvITsasMvTG%2BCo8ZT1qqIyVSA19Bn7Vju1qF7s60QnBSoOb9Xcir410CVWaxTGeKzfzmJZF0pmjF2pZTitzxvLjXUzZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1550052952705094
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 9260
cf-ray: 62f6afe429de4a55-FRA
expires: Sat, 13 Mar 2021 17:08:40 GMT

GET
H2 200 native_render.js Show response
superonclick.com/script/ Frame 4F5A 4 KB
2 KB 26ms
18ms Script
application/javascript 2606:4700:3035::6815:57a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superonclick.com/script/native_render.js
Requested by: Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:57a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
date: Sat, 13 Mar 2021 16:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 585
x-guploader-uploadid: ABg5-UzJ7lgEiKUFGhYrK5SxuJsJQgE4SdYMS-t9cTG5Yzdg84cILO_mirDtT53GQQHRDO3KwTVST205yJCEfrbOt7o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c429b00004a550b9f5000000001
last-modified: Wed, 13 Feb 2019 10:15:50 GMT
server: cloudflare
etag: W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iDblCvPr97t%2F4R%2Fu4jsArXu8LfGhU2OPrtcEItZoeumVPtxokqxCUNOTpYzeTzoLglu1LOPQZ6ePc5NchOKIjhcB8L7DxneNO8ikWjB08WTFcCHWcBcmAUey5IQH"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1550052950916101
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 4285
cf-ray: 62f6afe429e04a55-FRA
expires: Sat, 13 Mar 2021 17:27:43 GMT

GET
H2 200 native_server.js Show response
superonclick.com/script/ Frame 4F5A 9 KB
3 KB 30ms
23ms Script
application/javascript 2606:4700:3035::6815:57a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superonclick.com/script/native_server.js
Requested by: Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:57a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
date: Sat, 13 Mar 2021 16:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 585
x-guploader-uploadid: ABg5-Uwe094c7UyNwvbofmKRxuE8OGzIIj9-ZrsXsQ84opOrW3-kGUgI_YNGgO9RIqaxGi8zTD2il3AO_pYrjZW9RJw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c429b00004a55069de000000001
last-modified: Wed, 13 Feb 2019 10:15:52 GMT
server: cloudflare
etag: W/"51d87e9ebd831fccab6a016079a60793"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U%2Bhv9A01gexrBUnjDpKVcoYyASTbOwXTeik8%2FF9zQhqW858xfRQtQJUiOvYVyAolR6KQu0aToVbmfiDwahbM0TWDe8AI2WzIvSxsw%2Fj6coW500XINq3j3ve0JdPv"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1550052952705094
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 9260
cf-ray: 62f6afe429df4a55-FRA
expires: Sat, 13 Mar 2021 17:08:40 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame DCC7 99 KB
39 KB 43ms
28ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-121629819-1

Requested by

Host: adstune.com
URL: https://adstune.com/ap/index.php?lang=ru&dim=728x90

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3682f376a595a24247c3079e6b250506ab264d29fccb34d8145edb253970dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://adstune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39777
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Mar 2021 16:37:28 GMT

GET
H2 200 mag-forum2x2.png
adstune.com/ap/ru/728x90/ Frame DCC7 38 KB
38 KB 11ms
11ms Image
image/png 2606:4700:3035::6815:3ac5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adstune.com/ap/ru/728x90/mag-forum2x2.png

Requested by

Host: adstune.com
URL: https://adstune.com/ap/index.php?lang=ru&dim=728x90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3ac5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23c5a3f4174f9a5cc573d0d1e3d2d404a6f6d27c6fe617dfdf3ba0f26545570f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adstune.com/ap/index.php?lang=ru&dim=728x90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 9044339
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38725
cf-request-id: 08ce0c42c200004e2b72b8a000000001
last-modified: Fri, 20 Oct 2017 13:01:26 GMT
server: cloudflare
etag: "59e9f3a6-9745"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QYCWZTnS2i0Akd3HFW7sg3UPu7GTUoqfC1Qy3sVHH7GRf5JCGKG%2BocGY7lxpARIZTovVQ2GbIfo2XlVH85SMOGZQOVe04qwHrpadMuBIKEJjhQbFKpXPng%3D%3D"}],"max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62f6afe46d884e2b-FRA
expires: Mon, 29 Nov 2021 00:18:29 GMT

GET
H/1.1 200
OK sync.js Show response
api.viglink.com/api/ 0
307 B 49ms
49ms Script
text/plain 52.50.7.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.7.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-7-8.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Mar 2021 16:37:28 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 0
307 B 127ms
48ms Image
text/plain 52.50.7.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e
Requested by: Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.7.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-7-8.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Mar 2021 16:37:28 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 41 B
497 B 75ms
50ms XHR
text/javascript 52.50.7.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.7.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-7-8.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 13cde9ccb70db9971f0b11fc07e1fe44d40d5d91a210d2065d3cacd481ab6e90

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 13 Mar 2021 16:37:28 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://premiuminter.forum2x2.ru
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 41
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame DCC7 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-121629819-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://adstune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4143
date: Sat, 13 Mar 2021 15:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 13 Mar 2021 17:28:25 GMT

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 612ms
201ms Preflight 52.34.123.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Server

52.34.123.238 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-123-238.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 6F51 107 B
1 KB 202ms
201ms XHR
application/json 52.34.123.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.34.123.238 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-123-238.us-west-2.compute.amazonaws.com

Software

Resource Hash

7471cc6d274c0ebc05c468ec82daa98dc1325fde221b3932a0c81de749b4cc60

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Origin
content-length: 107
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Sat, 13 Mar 2021 16:37:29 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=683759425&t=timing&_s=2&dl=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&ul=en-us&de=UTF-8&dt=Premium%20Partnerid&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1823&pdt=1&dns=0&rrt=717&srt=210&tcp=64&dit=1412&clt=1412&_gst=1369&_gbt=1439&_cst=1366&_cbt=1364&_u=IEBAAUABAAAAAC~&jid=&gjid=&cid=1951423017.1615653448&tid=UA-144347007-1&_gid=2082614239.1615653448&_slc=1&z=1464152475

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Mar 2021 16:37:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://premiuminter.forum2x2.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.html Show response
ufpcdn.com/script/ Frame 2112 2 KB
1 KB 358ms
341ms Document
text/html 2606:4700:3037::ac43:8e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method: GET
:authority: ufpcdn.com
:scheme: https
:path: /script/identify.html?frmt=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://premiuminter.forum2x2.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://premiuminter.forum2x2.ru/

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
content-type: text/html
set-cookie: __cfduid=d8782d3d9652b493d8406222e6c12ac181615653448; expires=Mon, 12-Apr-21 16:37:28 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=5790dbdb68d146783f63b1a1cfb736870ed598ce-1615653448-1800-AXCHujAbr0axVIyIp+oo3TgACFMM1L7gZi4LGcVreNx+NU2k8EYxvpQoDyQQBzPMKEjhHw1KELvIMPvfp2GwPAY=; path=/; expires=Sat, 13-Mar-21 17:07:28 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
last-modified: Tue, 15 May 2018 06:39:25 GMT
cf-cache-status: DYNAMIC
cf-request-id: 08ce0c439700004e5c3b005000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GWX14uIpfNFz4NIb5KlZnO5JPrWmftNSKf3E6YOAbHplcrFXBOcsEqPHh3kH0K8mYTGJCa1CU4f2Gu%2B3z%2FScrRP%2FiBx3MWUCrIAhR45KNTuw2UcDXgOz"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62f6afe5bce84e5c-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 identify.html Show response
ufpcdn.com/script/ Frame A472 2 KB
2 KB 340ms
332ms Document
text/html 2606:4700:3037::ac43:8e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method: GET
:authority: ufpcdn.com
:scheme: https
:path: /script/identify.html?frmt=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://premiuminter.forum2x2.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://premiuminter.forum2x2.ru/

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
content-type: text/html
set-cookie: __cfduid=d8782d3d9652b493d8406222e6c12ac181615653448; expires=Mon, 12-Apr-21 16:37:28 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=907ed0e7fc1d9514794b73c00ff008919b9873d5-1615653448-1800-AY1dAI4eH47NDoU9DQmW2Wbtd1Z7kHp+B43dnEDz0HQhF5s9MCI4Dq8rtHrBgO0AkLiufrScIHSoDGDhkjxyUyY=; path=/; expires=Sat, 13-Mar-21 17:07:28 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
last-modified: Tue, 15 May 2018 06:39:25 GMT
cf-cache-status: DYNAMIC
cf-request-id: 08ce0c439700004e5c53991000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DINeWWpYep3IyAFY7WjdYsvk7IZiNQVjCJlbWZV%2B3pj%2BLtuOUR0nM5iRJB5OZqkZ%2FVC1kvm6Vf6gigpftA%2FzVAk4EH%2FRYVpQFkw%2BLJMe4dOxQNo3jBG%2F"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62f6afe5bcea4e5c-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 native.php Show response
discovernative.com/script/ Frame CC0E 3 KB
2 KB 208ms
168ms Script
application/json 130.211.31.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://discovernative.com/script/native.php?nwpsv=1&r=3133087&cbrandom=0.5791432980857611&cbWidth=300&cbHeight=250&cbtitle=&cbref=&cbdescription=%D0%9F%D0%BE%D1%82%D1%80%D0%B5%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20Premium%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BE%D1%80%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%B0%D1%88%D0%B8%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2&cbkeywords=%D0%9F%D1%80%D0%B5%D0%BC%D0%B8%D1%83%D0%BC%2C%20%D0%9F%D0%BE%D1%82%D1%80%D0%B5%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%2C%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%2C%20Premium%2C%20%D0%9C%D0%9B%D0%9C%2C%20Premium%2C%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%2C%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%2C%20%D0%BB%D0%BE%D1%82%D0%B5%D1%80%D0%B5%D1%8F%2C%20%D0%BF%D0%BE%D1%82%D1%80%D0%B5%D0%B1%D0%BA%D0%BE%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%2C%20mlm%2C%20http%3A%2F%2Fpremiuminter.net%2Fr%2F%2C%20http%3A%2F%2Fsistemalide.ru%2F%2C%20http%3A%2F%2Fpremiuminter%2C&cbiframe=1&&callback=jsonp686014
Requested by: Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.31.211.130.bc.googleusercontent.com
Software: openresty /
Resource Hash: c09f6233a43495572effaea6818cd48cd8a2d0cd244f66ddab2ef1953f96d3ef

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
content-encoding: gzip
alt-svc: clear
server: openresty
content-type: application/json; charset=utf-8
access-control-allow-origin: *
link: <//discovernative.com>; rel=dns-prefetch,<//discovernative.com>; rel=preconnect,<//cdnativ.com>; rel=dns-prefetch,<//cdnativ.com>; rel=preconnect
via: 1.1 google

GET
H2 200 native.php Show response
discovernative.com/script/ Frame 4F5A 3 KB
2 KB 201ms
170ms Script
application/json 130.211.31.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://discovernative.com/script/native.php?nwpsv=1&r=3133087&cbrandom=0.3295360679406165&cbWidth=300&cbHeight=250&cbtitle=&cbref=&cbdescription=%D0%9F%D0%BE%D1%82%D1%80%D0%B5%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20Premium%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BE%D1%80%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%B0%D1%88%D0%B8%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2&cbkeywords=%D0%9F%D1%80%D0%B5%D0%BC%D0%B8%D1%83%D0%BC%2C%20%D0%9F%D0%BE%D1%82%D1%80%D0%B5%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%2C%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%2C%20Premium%2C%20%D0%9C%D0%9B%D0%9C%2C%20Premium%2C%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%2C%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%2C%20%D0%BB%D0%BE%D1%82%D0%B5%D1%80%D0%B5%D1%8F%2C%20%D0%BF%D0%BE%D1%82%D1%80%D0%B5%D0%B1%D0%BA%D0%BE%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%2C%20mlm%2C%20http%3A%2F%2Fpremiuminter.net%2Fr%2F%2C%20http%3A%2F%2Fsistemalide.ru%2F%2C%20http%3A%2F%2Fpremiuminter%2C&cbiframe=1&&callback=jsonp150857
Requested by: Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.31.211.130.bc.googleusercontent.com
Software: openresty /
Resource Hash: 1152d1ab087379cbbd4543202cef9320273047623ad3062987e98c528b707d3d

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:28 GMT
content-encoding: gzip
alt-svc: clear
server: openresty
content-type: application/json; charset=utf-8
access-control-allow-origin: *
link: <//discovernative.com>; rel=dns-prefetch,<//discovernative.com>; rel=preconnect,<//cdnativ.com>; rel=dns-prefetch,<//cdnativ.com>; rel=preconnect
via: 1.1 google

GET
H2 200 style.js Show response
superonclick.com/script/ Frame CC0E 40 KB
12 KB 14ms
13ms Script
text/javascript 2606:4700:3035::6815:57a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superonclick.com/script/style.js
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/native_render.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:57a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07e8d6ea069f651d48ad47731cce6d24417176b3a353554f40fe2d5f8b81afb1

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=r+9kWg==, md5=9vnEM2N/er/68OuRi4OHTA==
date: Sat, 13 Mar 2021 16:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2988
x-guploader-uploadid: AAANsUm8g4d92AfofWAK_SCntzBmQaK5_Yk3pVX1KYd3bBRByaX94V4fOeINsqOersdAeO__zKVLcz7dEgNLPuXdx8DCzQIWzg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c452100004a55c236a000000001
last-modified: Thu, 10 Oct 2019 07:15:34 GMT
server: cloudflare
etag: W/"f6f9c433637f7abffaf0eb918b83874c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UP%2BaViZoMd%2FuhaATO%2FJIVv%2BgeTtZsBZ6OYlI8mGU8xeZTasQwDA7y0eTy8XeTiVCz8Rc2Tfk7%2FY3rgrSFu%2FGUUr92TY32bexMEgCweOFtpN6VNLMVQMRkRFoHfwe"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570691734888336
content-type: text/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 41280
cf-ray: 62f6afe838b64a55-FRA
expires: Sat, 13 Mar 2021 16:47:40 GMT

GET
H2 200 style.js Show response
superonclick.com/script/ Frame 4F5A 40 KB
12 KB 12ms
12ms Script
text/javascript 2606:4700:3035::6815:57a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superonclick.com/script/style.js
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/native_render.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:57a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07e8d6ea069f651d48ad47731cce6d24417176b3a353554f40fe2d5f8b81afb1

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=r+9kWg==, md5=9vnEM2N/er/68OuRi4OHTA==
date: Sat, 13 Mar 2021 16:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2988
x-guploader-uploadid: AAANsUm8g4d92AfofWAK_SCntzBmQaK5_Yk3pVX1KYd3bBRByaX94V4fOeINsqOersdAeO__zKVLcz7dEgNLPuXdx8DCzQIWzg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c452200004a55f5082000000001
last-modified: Thu, 10 Oct 2019 07:15:34 GMT
server: cloudflare
etag: W/"f6f9c433637f7abffaf0eb918b83874c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O3ItugeQw0tgV2OpMe20Ai5XimBL6qGQ6bEA5xcd3dIdps2DRS4KX%2BQuJIWAun0GYiDpm%2B6icE3mnmQtGDp95Jk8OiNRw08kL4NHJ8haBNYnSBwA%2Br%2B%2BY3Tos7UK"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570691734888336
content-type: text/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 41280
cf-ray: 62f6afe838ba4a55-FRA
expires: Sat, 13 Mar 2021 16:47:40 GMT

GET
H2 200 15d3c0cf25f063bc16a60239a8394f82_3680.jpg
cdnativ.com/extban/240808020/creatives/23185326/ Frame CC0E 29 KB
29 KB 39ms
13ms Image
image/jpeg 2606:4700:3034::6815:1cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnativ.com/extban/240808020/creatives/23185326/15d3c0cf25f063bc16a60239a8394f82_3680.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27886805880254abf1020865daa74e65f63dbf4e0200953f01c57600fda19406

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5147
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c454f0000074a3203b000000001
last-modified: Tue, 24 Nov 2020 12:55:18 GMT
server: cloudflare
etag: W/"5fbd02b6-730b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FhOeeEVV77fkE%2FGC%2FqAk9pnmHKAyL2aHUnNnW735s8Jy%2BNZ37fvTGZb39p4AjxnKyVpIB57kLceOUG0e44Ub3qGCIYVS9ZeFcnboDw6wy6yjD5zLBoKQ5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 62f6afe8790c074a-FRA

GET
H2 200 f4246b9de286af29b2b1a2b8ad442e99_9276.jpg
cdnativ.com/extban/240808020/creatives/23185324/ Frame CC0E 42 KB
42 KB 45ms
19ms Image
image/jpeg 2606:4700:3034::6815:1cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnativ.com/extban/240808020/creatives/23185324/f4246b9de286af29b2b1a2b8ad442e99_9276.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd77ef026e75ed7340d558dd4762dc81ef6da420ba9bcfb137e10d199510783c

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3858
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c454f0000074a1ab29000000001
last-modified: Tue, 24 Nov 2020 12:53:25 GMT
server: cloudflare
etag: W/"5fbd0245-a81a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aK1Ew9vTZrtj4EdJeb%2F20tdoZYhPSM9e9%2FPIv8%2FTI1%2FxhOYIKLo5rh8Mlh7k%2F5toZLfxSri0%2BudxYPt%2Fd32d6ZakLPUv3zK5ZlYwFfL6KFJLjrmdtv7BfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 62f6afe8790e074a-FRA

GET
H2 200 f4246b9de286af29b2b1a2b8ad442e99_9276.jpg
cdnativ.com/extban/240808020/creatives/23185324/ Frame 4F5A 42 KB
42 KB 38ms
14ms Image
image/jpeg 2606:4700:3034::6815:1cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnativ.com/extban/240808020/creatives/23185324/f4246b9de286af29b2b1a2b8ad442e99_9276.jpg
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/style.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd77ef026e75ed7340d558dd4762dc81ef6da420ba9bcfb137e10d199510783c

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3858
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c454f0000074abf850000000001
last-modified: Tue, 24 Nov 2020 12:53:25 GMT
server: cloudflare
etag: W/"5fbd0245-a81a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0i9DG2rJdqlxyJ211%2Fhd05ClkgG%2F0fpi3gvCWD%2FQIV6l7IzsDW%2FUPjV0gHW1EXPgRbJ3LbEF%2BvjqCuVu7%2B2K7r1Pfh98zAACJCOT0Iq3ncCbLpYbyOEExQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 62f6afe87910074a-FRA

GET
H2 200 3661a555d8942d7c1b128816ac2d7776_6259.jpeg
cdnativ.com/extban/216329220/creatives/23055112/ Frame 4F5A 78 KB
78 KB 158ms
134ms Image
image/jpeg 2606:4700:3034::6815:1cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnativ.com/extban/216329220/creatives/23055112/3661a555d8942d7c1b128816ac2d7776_6259.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a88afd97be9de639418e160f2b9295bfb9cb21fa790dba8a80665d856a14d9a

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
via: 1.1 google
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Jun 2020 09:24:10 GMT
server: cloudflare
etag: W/"5ede03ba-136b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JmGjhlC4Jit0bG6amVpd%2FDrdUmUrnxpVIyRVvmBtu2iy5hzvfnjHwTYyNvS3O7OK3z0rfxggH9eTrGLlRL8FheXLSWJs%2FfinNKRdySptWNeuqTtnK7kYlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 62f6afe87911074a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c45500000074afe2c5000000001

GET
H2 200 15d3c0cf25f063bc16a60239a8394f82_3680.jpg
cdnativ.com/extban/240808020/creatives/23185326/ Frame CC0E 29 KB
29 KB 11ms
10ms Image
image/jpeg 2606:4700:3034::6815:1cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnativ.com/extban/240808020/creatives/23185326/15d3c0cf25f063bc16a60239a8394f82_3680.jpg
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/style.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27886805880254abf1020865daa74e65f63dbf4e0200953f01c57600fda19406

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5147
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c45690000074ac3243000000001
last-modified: Tue, 24 Nov 2020 12:55:18 GMT
server: cloudflare
etag: W/"5fbd02b6-730b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rqoYaDNNLfp%2FflOPEPllEwm6qPXzAQQ5rMsh5r3lnElxwCzGRnZizwklxnroYOnwL5uS6QXoODg3Db7iOgD2G%2FYwHWxI3e%2Fxh1InKZ66Ozf36O9SoKh%2F%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 62f6afe8a937074a-FRA

GET
H2 200 f4246b9de286af29b2b1a2b8ad442e99_9276.jpg
cdnativ.com/extban/240808020/creatives/23185324/ Frame CC0E 42 KB
42 KB 11ms
11ms Image
image/jpeg 2606:4700:3034::6815:1cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnativ.com/extban/240808020/creatives/23185324/f4246b9de286af29b2b1a2b8ad442e99_9276.jpg
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/style.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd77ef026e75ed7340d558dd4762dc81ef6da420ba9bcfb137e10d199510783c

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3858
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c45690000074a28ae6000000001
last-modified: Tue, 24 Nov 2020 12:53:25 GMT
server: cloudflare
etag: W/"5fbd0245-a81a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8RJuESfQ7meTZefMDwFcAQah%2BMgrxoWJSuisOjITT33IPcuGgKALlOh5qogSAeq2fJQSQAqSAvXpGtx7vUBP5xVCe1jwbfRQQuwz%2FHkRo8SHmkLrarr6GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 62f6afe8a93a074a-FRA

GET
DATA 200
OK truncated
/ Frame CC0E 350 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c41f4da5f7d6569364d3f152d18ab9875d24b8d65b88a51349722676fc96eed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3650 350 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c41f4da5f7d6569364d3f152d18ab9875d24b8d65b88a51349722676fc96eed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 15d3c0cf25f063bc16a60239a8394f82_3680.jpg
cdnativ.com/extban/240808020/creatives/23185326/ Frame 3650 29 KB
29 KB 16ms
15ms Image
image/jpeg 2606:4700:3034::6815:1cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnativ.com/extban/240808020/creatives/23185326/15d3c0cf25f063bc16a60239a8394f82_3680.jpg
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/style.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27886805880254abf1020865daa74e65f63dbf4e0200953f01c57600fda19406

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5147
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c45d50000074aca8c9000000001
last-modified: Tue, 24 Nov 2020 12:55:18 GMT
server: cloudflare
etag: W/"5fbd02b6-730b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fxi87DwgqdKzMUWblKF5o3%2FBT3cXs1AY%2BdFjxweAk%2BjznGeq2O9ANdnoGKcitRknLwpxS1udx2hLWt%2BPypmob%2BkVT3mNiXv5wiiqVbKR%2FU0aEXI0%2BHRI%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 62f6afe95a05074a-FRA

GET
H2 200 f4246b9de286af29b2b1a2b8ad442e99_9276.jpg
cdnativ.com/extban/240808020/creatives/23185324/ Frame 3650 42 KB
42 KB 16ms
16ms Image
image/jpeg 2606:4700:3034::6815:1cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnativ.com/extban/240808020/creatives/23185324/f4246b9de286af29b2b1a2b8ad442e99_9276.jpg
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/style.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd77ef026e75ed7340d558dd4762dc81ef6da420ba9bcfb137e10d199510783c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3858
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c45d60000074ac8134000000001
last-modified: Tue, 24 Nov 2020 12:53:25 GMT
server: cloudflare
etag: W/"5fbd0245-a81a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AFsri5MiDIbT2WGwfq2n5IzMFbw%2F66HMuEY14fOWcBTpSFryGlAJfusxQ4nUYWbVdTonWCUlotKdfROjBD5FOjSI54bS8tX%2BH%2Bw%2FnlmyPqv9raa%2F%2BEPg4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 62f6afe95a0a074a-FRA

GET
H2 204 i.php Show response
discovernative.com/script/ Frame 3650 0
61 B 172ms
172ms Script
text/plain 130.211.31.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://discovernative.com/script/i.php?stamat=m%7C%2C%2CAjerY2K-tGU3B5-GH0dEdHP3xP.a0f%2CyCtvTOURGe6CSXG9BTQarH9oSJQBnLRatcycLOuPbooQaE68J456Ns6z66L2NmKvKKDPLlKOD-La6lnzOOOD1nbCA72QLgK194iY-CCTrTyIF5YMynaJ0DpPi5JtzSUi7Eso8ND293HFmZ7uagj2K7Bb4VJYsVclCz2frdfwDXqkQ4PXHTvjS1huuMMobco1-rfs9FQ3dngiHBos7ruiD3zAaPDlHxtvkmm1SY16vGIgA3zKVyPHLJ96W1BuaWh2POc-9S5VgwIFH_pWJyVz-pnSne5fVwQyBzMcjYLxwKfFzrRWEcsLLPNmSvgeE5XK04mkR_zEaqpg1BAjfXSISlhDJv9R_xcBWYSjSEWQCTIfo6nxusSmBG1zjdK9AaLM_1QbRGr1TBKk27fgmv4_Edon_p2HPvsznXKHPuUQu8pQDxZovqdo8koPi6rvrXIqHV4BYT00fDzBBpMbrFqEd1_-l_F9BNPyvEzWbFRk91_10OX0rZHUUHeXeGrHXXUI7ZJfsSoB_3f0KpQ43do5yrJUMcPHoaeMG2cjlKwLkgyWsSTJKERwmKNl-Nd6yTgiL5lzk_NrLaCzH_-8kIs6GQ%2C%2C&track=0,1
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/style.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.31.211.130.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 13 Mar 2021 16:37:29 GMT
via: 1.1 google
referrer-policy: no-referrer
server: openresty
alt-svc: clear

GET
H2 200 3661a555d8942d7c1b128816ac2d7776_6259.jpeg
cdnativ.com/extban/216329220/creatives/23055112/ Frame 4F5A 78 KB
78 KB 11ms
10ms Image
image/jpeg 2606:4700:3034::6815:1cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnativ.com/extban/216329220/creatives/23055112/3661a555d8942d7c1b128816ac2d7776_6259.jpeg
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/style.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a88afd97be9de639418e160f2b9295bfb9cb21fa790dba8a80665d856a14d9a

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c45db0000074abe0ab000000001
last-modified: Mon, 08 Jun 2020 09:24:10 GMT
server: cloudflare
etag: W/"5ede03ba-136b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EttnSjxjTdchLypZlBMvQcK18%2B8l6KeCnDawFx38EV12aJv1NFO%2BdZcN%2FzVExEXANOZwzDEq541wj6eVYepCwCXZiSD6A56p5P0e4DCQ7qpX8oz%2F85Uo8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 62f6afe95a1c074a-FRA

GET
H2 200 f4246b9de286af29b2b1a2b8ad442e99_9276.jpg
cdnativ.com/extban/240808020/creatives/23185324/ Frame 4F5A 42 KB
42 KB 13ms
12ms Image
image/jpeg 2606:4700:3034::6815:1cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnativ.com/extban/240808020/creatives/23185324/f4246b9de286af29b2b1a2b8ad442e99_9276.jpg
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/style.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd77ef026e75ed7340d558dd4762dc81ef6da420ba9bcfb137e10d199510783c

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3858
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c45da0000074a1fadf000000001
last-modified: Tue, 24 Nov 2020 12:53:25 GMT
server: cloudflare
etag: W/"5fbd0245-a81a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E1xPP%2FT6JXaxAuh%2B73yiHvdOjXPC0HpZ4opDLhi7c%2FENsMbcFQUVRspZp9XJ4PO%2FzRSYocBcrzfE6U%2FAOrFLcVZ30D2WMow15WD1MsI4hHu%2BqQj8ETrz7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 62f6afe95a18074a-FRA

GET
DATA 200
OK truncated
/ Frame 4F5A 350 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c41f4da5f7d6569364d3f152d18ab9875d24b8d65b88a51349722676fc96eed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ 121 KB
36 KB 59ms
59ms Script
application/javascript 2.23.156.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.156.217 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-156-217.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: af4acfc4586c2d5c11514ef08681ca1cc7f69db15e61443a7e6347226f82633d

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uZ3IAR1ILqd3gCJAaZ9PBtO2GfcxtaML
Content-Encoding: gzip
Last-Modified: Wed, 10 Feb 2021 08:43:15 GMT
Server: AmazonS3
x-amz-request-id: 69017D961D0BBEAA
ETag: "605f5c9fee2a9f0e3b4711ec43352b49"
Vary: Accept-Encoding
Content-Type: application/javascript
CDN-Origin-Protocol: HTTP
Date: Sat, 13 Mar 2021 16:37:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Forward-Proto: http
Content-Length: 36129
x-amz-id-2: 6uf+EG4w62ODVtUKTkwWKDjXb9W6QB3I4Wwll5MytK+xEp8lJ31Jc9eT19Gw1fMOhACjcvcGC9M=

GET
DATA 200
OK truncated
/ Frame 5E80 350 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c41f4da5f7d6569364d3f152d18ab9875d24b8d65b88a51349722676fc96eed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3661a555d8942d7c1b128816ac2d7776_6259.jpeg
cdnativ.com/extban/216329220/creatives/23055112/ Frame 5E80 78 KB
78 KB 11ms
10ms Image
image/jpeg 2606:4700:3034::6815:1cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnativ.com/extban/216329220/creatives/23055112/3661a555d8942d7c1b128816ac2d7776_6259.jpeg
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/style.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a88afd97be9de639418e160f2b9295bfb9cb21fa790dba8a80665d856a14d9a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c46430000074ad3a39000000001
last-modified: Mon, 08 Jun 2020 09:24:10 GMT
server: cloudflare
etag: W/"5ede03ba-136b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bPNtnf6GmOjVaQF69uigD%2BQjNjv71hqNFM5wjRxaOrppg3pba5Oy873cu7C2GAsjeCtbSptylT4yf8Xjt4ordbyEsrxmX02SUUjHni%2B1aVh4I7BlrGOfgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 62f6afea0b27074a-FRA

GET
H2 200 f4246b9de286af29b2b1a2b8ad442e99_9276.jpg
cdnativ.com/extban/240808020/creatives/23185324/ Frame 5E80 42 KB
42 KB 35ms
34ms Image
image/jpeg 2606:4700:3034::6815:1cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnativ.com/extban/240808020/creatives/23185324/f4246b9de286af29b2b1a2b8ad442e99_9276.jpg
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/style.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd77ef026e75ed7340d558dd4762dc81ef6da420ba9bcfb137e10d199510783c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3858
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ce0c46440000074afe2d0000000001
last-modified: Tue, 24 Nov 2020 12:53:25 GMT
server: cloudflare
etag: W/"5fbd0245-a81a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zCRcetS%2BGGLI00Y6s8zeVQMy3O0YE%2BQCNcSizsVCAe1p04%2Fu8sx7qMASMM8hvb%2ByS7lBWkJmNTru4HrdeqOAaRRwoCcvZ5qnByIXi0QCfQc8i5Fd4vgoqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 62f6afea0b33074a-FRA

GET
H2 204 i.php Show response
discovernative.com/script/ Frame 5E80 0
40 B 172ms
172ms Script
text/plain 130.211.31.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://discovernative.com/script/i.php?stamat=m%7C%2C%2CA2e743LmoGU3BP-GH0dEdHP3xP.1ed%2CPxRY4CVykyEz4gq7m80tA6y-N36mmdkXx2VnrSQD2wLFHnGBcZjC55c8ZYc92X9FE97l3X_-NQKm8qjrzNC8FfXNm_h-OpW0sm0UU7k08ZDvLx2mbHJxbS6IEotVqF8g6s90dYRlJU3VqglvaQzktzGQk78rEv791aftDQCNnEtTAbMHtfj9l-h1cgCwbXI03s6rDoqbRjp-gKL88yJIVzju5rlkX0Kikyth1_sLL-corXbO0ljjsVFJ3rDjUXW4M0lR2WoVN9gVTVLJYJb92WRbtaw9vnshwryJaJGs2-l9kCZoPBeUPNSqFJnKZpiSUPcTzPBergYcmCCo1E41xRLjO-0uk-2hxQiKLoim4CkTmy1zEk_o8aMl7E8gQW5iZL3NPdFuUNbJOfdUmOQfvw7w6ipRicbIK4hjifsyo25lXmBlkdsxQrDK6IxqBfdtD7TIYoh2qaIcuaZoLHPyOJDEF6gmigR7u3KIlCqnFRINOICc6QgojayIA9ZCVMHiMw6eBUd_RDHY0S7cY_7PmKBAdzy9tx_FOM6MB1gK4qAviqaWAGbGhwYKjv5VhmtcbunDiCpgCNAIxC9UH4CFWn-s7GtHhusMDYUMeo4gPlP3Czw1Leu8ywe2JVDShF8O&track=0,1
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/style.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.31.211.130.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 13 Mar 2021 16:37:29 GMT
via: 1.1 google
referrer-policy: no-referrer
server: openresty
alt-svc: clear

OPTIONS
H2 204 desktop
avm.avantisvideo.com/api/v1/tag/f4ae7e78-7270-4715-b468-988c541b35d8/1/ Frame 0
0 201ms
201ms Preflight 52.34.123.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/f4ae7e78-7270-4715-b468-988c541b35d8/1/desktop

Protocol

Server

52.34.123.238 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-123-238.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://premiuminter.forum2x2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://premiuminter.forum2x2.ru
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type

POST
H2 200 / Show response
events.avantisvideo.com/ 2 B
90 B 597ms
196ms XHR
text/plain 54.214.163.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 13 Mar 2021 16:37:29 GMT
content-length: 2
content-type: text/plain

GET
H2 200 desktop Show response
avm.avantisvideo.com/api/v1/tag/f4ae7e78-7270-4715-b468-988c541b35d8/1/ 925 B
2 KB 205ms
204ms XHR
application/json 52.34.123.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/f4ae7e78-7270-4715-b468-988c541b35d8/1/desktop

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.34.123.238 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-123-238.us-west-2.compute.amazonaws.com

Software

Resource Hash

7f2bbdc07570dd907005353bf2b0d9b11c3c6b0f629a9a628b13411801e1613f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Origin
content-length: 925
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Sat, 13 Mar 2021 16:37:29 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://premiuminter.forum2x2.ru
access-control-allow-credentials: true

GET
H2 200 adb.js Show response
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 2 B
470 B 38ms
10ms Script
text/javascript 2a02:26f0:2100:18f::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:2100:18f::2c79 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
x-guploader-uploadid: ABg5-UxyRszyjnqg5FRJM94aw2GTT99JBkNhRl8uw7ZiOZc0EskB4KYWfZeIw0GJaq0Vzdc23vvezOR-lUNKzjp--A4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 2
last-modified: Thu, 14 May 2020 13:22:36 GMT
server: UploadServer
etag: "56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash: crc32c=cz4mSA==
x-goog-generation: 1589462556858294
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=1800
x-goog-stored-content-length: 2
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 13 Mar 2021 17:07:29 GMT

GET
H2 200 aniview.js Show response
player.aniview.com/script/6.1/ 24 KB
9 KB 12ms
10ms Script
application/javascript 2a02:26f0:2100:18f::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:2100:18f::2c79 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 4b6f2e21fdd573246166e25e88c0693f269ad5eb974fb517d6dee5f765bd65d2

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UzMZGl6HzLxL4DzdDBB3kEjgOceS2HPrqXI6S5iAmBU1ZP6FyCxmzQr8TiaI-811P5NFkvA6LKdiTJAGj9UjTfUPSxLeQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 9025
last-modified: Wed, 03 Feb 2021 11:37:22 GMT
server: UploadServer
etag: "b07b626603dc9e6121e6bea0651d4d48"
vary: Accept-Encoding
x-goog-hash: crc32c=BpGuWw==, md5=sHtiZgPcnmEh5r6gZR1NSA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1612352242886279
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9025
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 13 Mar 2021 16:42:29 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame C0C1 331 KB
94 KB 10ms
10ms Script
application/javascript 2a02:26f0:2100:18f::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:2100:18f::2c79 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 173d5f3d3b09f62a9a6e5ccf6c35fca457b6d68c0bd03e04171c41719e402ca2

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:29 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UzUaSPhANsryb_rbI1PkUu-Ius70zssgT8xaYez98wiXn3nIRQKiGmhH6n-KkTskj32WeAn2eKbsG_MRp0NiDs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 95778
last-modified: Wed, 24 Feb 2021 08:53:38 GMT
server: UploadServer
etag: "06ac451dcb93e2560f9563c8286b920c"
vary: Accept-Encoding
x-goog-hash: crc32c=8jEwgw==, md5=BqxFHcuT4lYPlWPIKGuSDA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1614156818658566
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 95778
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 13 Mar 2021 16:42:29 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 350ms
115ms Image
text/plain 3.229.248.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=premiuminter.forum2x2.ru&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&apppkg=&fv=3&proto=https&pid=5e9f0c29a576362f3045e018&cid=5e9f0e0f43abb056b3418e2c&e=inventory&vi=100&cb=1615653449970
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.248.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:30 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 6 KB
2 KB 363ms
124ms XHR
application/json 18.208.241.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e9f0c29a576362f3045e018&AV_CHANNELID=5e9f0e0f43abb056b3418e2c&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=premiuminter.forum2x2.ru&AV_DADPOS=3&v=6.1.1.243&avtoken=449969&AV_WIDTH=400&AV_HEIGHT=225&cb=1615653449983
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.241.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-241-4.compute-1.amazonaws.com
Software: /
Resource Hash: f5be2670226b692507573b122792f49a59f4d4bd8db24797883cdb920d5e7337

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:30 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://premiuminter.forum2x2.ru
cache-control: no-cache
access-control-allow-credentials: true
expires: Tue, 02 Mar 2021 02:50:50 GMT

POST
H2 200 / Show response
events.avantisvideo.com/ 2 B
89 B 196ms
196ms XHR
text/plain 54.214.163.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 13 Mar 2021 16:37:30 GMT
content-length: 2
content-type: text/plain

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame A1A9
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1615653450286-988909042651-020248-003-004980%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1615653450286-988909042651-020248-003-004980%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1615653450286-988909042651-020248-003-004980&biddername=55&key=4739668865103727730

0
328 B

367ms
116ms

Document
text/plain

34.202.70.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1615653450286-988909042651-020248-003-004980&biddername=55&key=4739668865103727730
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.70.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1615653450286-988909042651-020248-003-004980&biddername=55&key=4739668865103727730
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://premiuminter.forum2x2.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://premiuminter.forum2x2.ru/

Response headers

date: Sat, 13 Mar 2021 16:37:30 GMT
content-length: 0
set-cookie: aniC=1615653450286-988909042651-020248-003-004980; Path=/; Domain=aniview.com; Expires=Sat, 20 Mar 2021 16:37:30 GMT; Secure; SameSite=None 2_C_55=4739668865103727730; Path=/; Domain=aniview.com; Expires=Sat, 20 Mar 2021 16:37:30 GMT; Secure; SameSite=None 2_C_55=4739668865103727730; Path=/; Expires=Sat, 20 Mar 2021 16:37:30 GMT; Secure; SameSite=None

Redirect headers

Server: nginx/1.17.9
Date: Sat, 13 Mar 2021 16:37:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1615653450286-988909042651-020248-003-004980&biddername=55&key=4739668865103727730
AN-X-Request-Uuid: 8d5e645c-0446-4e9f-8413-1a6078e2e582
Set-Cookie: uuid2=4739668865103727730; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 11-Jun-2021 16:37:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.7:80

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
789 B 127ms
53ms XHR
application/xml 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=21002496&referrer=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&us_privacy=1---&cbb=5653450351&imp_id=cfa83f4f-9d61-406f-9142-f6f9fa166330

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Mar 2021 16:37:30 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.170:80
AN-X-Request-Uuid: 59b435da-024c-4ddd-999d-7f5b1b03fad6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://premiuminter.forum2x2.ru
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 27 B
731 B 111ms
36ms XHR
application/xml 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=21006675&referrer=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&us_privacy=1---&cbb=5653450353&imp_id=cfa83f4f-9d61-406f-9142-f6f9fa166330

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Mar 2021 16:37:30 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid: c28b0d43-bba2-4d07-81c4-15bdb7f4df5d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://premiuminter.forum2x2.ru
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
788 B 112ms
38ms XHR
application/xml 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=21002488&referrer=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&us_privacy=1---&cbb=5653450354&imp_id=cfa83f4f-9d61-406f-9142-f6f9fa166330

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Mar 2021 16:37:30 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.47:80
AN-X-Request-Uuid: 09fbf8fd-efe0-455e-bac5-dc28885bf72c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://premiuminter.forum2x2.ru
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame C0C1 261 KB
83 KB 10ms
10ms Script
application/javascript 2a02:26f0:2100:18f::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:2100:18f::2c79 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 1e2496941c02b94bf6b19438b27abdbc71635f3fa79774f0210c36930d860b73

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:30 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Uxo_USxqPpxAQGelmQbWsoWIAWQ3iErcidk15nSImRqSOBCcAfFRsLSCvfLsiiVeQN6Ejal2E644HKroopGP9TLrnzSlA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 84286
last-modified: Wed, 24 Feb 2021 08:53:00 GMT
server: UploadServer
etag: "4b0d193eafdda7f38974bf68ea2e62a6"
vary: Accept-Encoding
x-goog-hash: crc32c=LGMRCg==, md5=Sw0ZPq/dp/OJdL9o6i5ipg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1614156780497939
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 84286
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 13 Mar 2021 16:42:30 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 118ms
117ms Image
text/plain 3.229.248.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=premiuminter.forum2x2.ru&rs=premiuminter.forum2x2.ru&sid=62269&t=1615653450&cip=185.156.175.107&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e9f0c29a576362f3045e018&test=&aafaid=&proto=https&uid=1615653450286-988909042651-020248-003-004980&cha=0.05&cb=83853765015&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e9f0c29a576362f3045e018&nid=59918a0e073ef4782e4e347f&pcid=5e9f0e0f43abb056b3418e2c&ncid=5d4aab3928a06112b42d3a48&pasid=5e9f0c6e229676782629f78a&e=request&cb=1615653450356&asid=602001c46e67f25d741a755e%2C6021442b63a5fd0bc74fdbe4%2C60200035bbc5d169984bcaeb%2C601ffe5bf5b153761b23202c&ofpr=%2C%2C%2C0.17&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.248.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:30 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
225 B 110ms
32ms XHR
application/json 52.59.160.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://premiuminter.forum2x2.ru
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 / Show response
events.avantisvideo.com/ 2 B
89 B 197ms
197ms XHR
text/plain 54.214.163.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 13 Mar 2021 16:37:30 GMT
content-length: 2
content-type: text/plain

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 27 B
885 B 47ms
46ms XHR
application/xml 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=21002496&referrer=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&us_privacy=1---&cbb=5653450525&imp_id=ce82ab9f-94d3-4baa-9a9a-6301e061a1f2

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Mar 2021 16:37:30 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.54:80
AN-X-Request-Uuid: a33dc209-1914-47bf-9637-fe06278ef1c1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://premiuminter.forum2x2.ru
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
944 B 71ms
71ms XHR
application/xml 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=21006675&referrer=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&us_privacy=1---&cbb=5653450525&imp_id=ce82ab9f-94d3-4baa-9a9a-6301e061a1f2

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Mar 2021 16:37:30 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.165:80
AN-X-Request-Uuid: d11df9b3-b269-402c-90c0-2a93ce80ca46
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://premiuminter.forum2x2.ru
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 27 B
886 B 51ms
50ms XHR
application/xml 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=21002488&referrer=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&us_privacy=1---&cbb=5653450526&imp_id=ce82ab9f-94d3-4baa-9a9a-6301e061a1f2

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Mar 2021 16:37:30 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.143:80
AN-X-Request-Uuid: ccba7278-52f4-4df5-ab87-f68035c12b99
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://premiuminter.forum2x2.ru
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 116ms
116ms Image
text/plain 3.229.248.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=premiuminter.forum2x2.ru&rs=premiuminter.forum2x2.ru&sid=62269&t=1615653450&cip=185.156.175.107&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e9f0c29a576362f3045e018&test=&aafaid=&proto=https&uid=1615653450286-988909042651-020248-003-004980&cha=0.05&cb=83853765015&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e9f0c29a576362f3045e018&nid=59918a0e073ef4782e4e347f&pcid=5e9f0e0f43abb056b3418e2c&ncid=5d4aab3928a06112b42d3a48&pasid=5e9f0c6e229676782629f78a&e=request&cb=1615653450526&asid=602001c46e67f25d741a755e%2C6021442b63a5fd0bc74fdbe4%2C60200035bbc5d169984bcaeb%2C601ffe5bf5b153761b23202c&ofpr=%2C%2C%2C0.17&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.248.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:30 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
225 B 29ms
29ms XHR
application/json 52.59.160.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://premiuminter.forum2x2.ru
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 / Show response
events.avantisvideo.com/ 2 B
89 B 200ms
199ms XHR
text/plain 54.214.163.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 13 Mar 2021 16:37:30 GMT
content-length: 2
content-type: text/plain

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP67d2dafa-841a-11eb-80a1-02744da311a6
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP67d2dafa-841a-11eb-80a1-02744da311a6&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA2N2QyZGFmYS04NDFhLTExZWItODBhMS0wMjc0NGRhMzExYTY%3D
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_hm=VVA2N2QyZGFmYS04NDFhLTExZWItODBhMS0wMjc0NGRhMzExYTY%3D&google_tc=
https://pixel.advertising.com/ups/57304/sync?uid=CAESEE_5Wp-DLCsRmMY6ixDfyDc&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEE_5Wp-DLCsRmMY6ixDfyDc&google_cver=1&apid=UP67d2dafa-841a-11eb-80a1-02744da311a6

0
964 B

28ms
27ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEE_5Wp-DLCsRmMY6ixDfyDc&google_cver=1&apid=UP67d2dafa-841a-11eb-80a1-02744da311a6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 16:37:31 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEE_5Wp-DLCsRmMY6ixDfyDc&google_cver=1&apid=UP67d2dafa-841a-11eb-80a1-02744da311a6
date: Sat, 13 Mar 2021 16:37:31 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
https://pixel.advertising.com/ups/55986/sync?uid=YEzqSwAAAI4t1FLS&_origin=0&gdpr=0&gdpr_consent=&_test=YEzqSwAAAI4t1FLS
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YEzqSwAAAI4t1FLS&_origin=0&gdpr=0&gdpr_consent=&_test=YEzqSwAAAI4t1FLS&apid=UP67d2dafa-841a-11eb-80a1-02744da311a6
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YEzqSwAAAI4t1FLS&_origin=0&gdpr=0&gdpr_consent=&_test=YEzqSwAAAI4t1FLS&apid=UP67d2dafa-841a-11eb-80a1-02744da311a6&verify=true

0
964 B

27ms
27ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55986/sync?uid=YEzqSwAAAI4t1FLS&_origin=0&gdpr=0&gdpr_consent=&_test=YEzqSwAAAI4t1FLS&apid=UP67d2dafa-841a-11eb-80a1-02744da311a6&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 16:37:31 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Sat, 13 Mar 2021 16:37:31 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55986/sync?uid=YEzqSwAAAI4t1FLS&_origin=0&gdpr=0&gdpr_consent=&_test=YEzqSwAAAI4t1FLS&apid=UP67d2dafa-841a-11eb-80a1-02744da311a6&verify=true
Connection: keep-alive
Content-Length: 0

GET
H2

204

sync
pixel.advertising.com/ups/55953/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://pixel.advertising.com/ups/55953/sync?uid=3c0c5ea2-07bd-4057-84f8-7c20934097f4&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=3c0c5ea2-07bd-4057-84f8-7c20934097f4

0
124 B

25ms
25ms

Image
text/plain

3.126.63.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55953/sync?uid=3c0c5ea2-07bd-4057-84f8-7c20934097f4&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=3c0c5ea2-07bd-4057-84f8-7c20934097f4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-63-176.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:37:31 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Sat, 13 Mar 2021 16:37:31 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.advertising.com/ups/55953/sync?uid=3c0c5ea2-07bd-4057-84f8-7c20934097f4&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=3c0c5ea2-07bd-4057-84f8-7c20934097f4
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 369

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 368ms
123ms XHR
text/plain 3.229.248.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=premiuminter.forum2x2.ru&rs=premiuminter.forum2x2.ru&sid=62269&t=1615653450&cip=185.156.175.107&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e9f0c29a576362f3045e018&test=&aafaid=&proto=https&uid=1615653450286-988909042651-020248-003-004980&cha=0.05&cb=83853765015&d9=0000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e9f0c29a576362f3045e018
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.248.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://premiuminter.forum2x2.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 13 Mar 2021 16:37:35 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

Verdicts & Comments Add Verdict or Comment

287 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adstune.com/	1970-01-19 16:47:35	Name: __cf_bm Value: 9998fe4ed4f8e4de50ee734a44e2489ed6b59aaa-1615653448-1800-AWUzEO8S2qKBA9dSZ5OHQAXEW4k0jOQRvJrQINqzDuMIaROP21V8FMiQGzwJvczTPw7QhIWpE/7hEY8xal/cDgM=
.forum2x2.ru/	1970-01-19 16:48:59	Name: _gid Value: GA1.2.2082614239.1615653448
.forum2x2.ru/	1970-01-20 10:18:45	Name: _ga Value: GA1.2.1951423017.1615653448
premiuminter.forum2x2.ru/	1969-12-31 23:59:59	Name: toolbar_state Value: fa_show
.forum2x2.ru/	1970-01-19 16:47:33	Name: _gat_gtag_UA_144347007_1 Value: 1
.premiuminter.forum2x2.ru/	1970-01-19 17:09:09	Name: _fa-screen Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://premiuminter.forum2x2.ru/forum(Line 47) Message: {"w":1600,"h":1200}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2img.net
ads.adaptv.advertising.com
adstune.com
ajax.googleapis.com
api.viglink.com
avm.avantisvideo.com
bidder.criteo.com
cdn.avantisvideo.com
cdn.taboola.com
cdn.viglink.com
cdn1.avantisvideo.com
cdnativ.com
cm.g.doubleclick.net
connect.topicit.net
discovernative.com
events.avantisvideo.com
go1.aniview.com
gum.criteo.com
i.servimg.com
ib.adnxs.com
illiweb.com
match.adsrvr.org
pagead2.googlesyndication.com
pixel.advertising.com
play.aniview.com
player.aniview.com
premiuminter.forum2x2.ru
qr-adv.com
secure.adnxs.com
static.avantisvideo.com
static.criteo.net
stats.g.doubleclick.net
superonclick.com
sync-tm.everesttech.net
sync.aniview.com
track1.aniview.com
twemoji.maxcdn.com
ufpcdn.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
130.211.31.231
142.250.74.194
151.101.114.49
178.250.0.165
18.156.0.31
18.208.241.4
185.33.221.87
199.232.137.44
2.23.156.217
2.23.156.235
23.111.9.57
2606:4700:20::ac43:48e9
2606:4700:3030::ac43:9798
2606:4700:3031::ac43:dd6a
2606:4700:3033::6815:3fe
2606:4700:3033::6815:5aab
2606:4700:3034::6815:1cb
2606:4700:3035::6815:3ac5
2606:4700:3035::6815:57a9
2606:4700:3037::ac43:8e31
2606:4700::6810:a30d
2a00:1450:4001:800::200e
2a00:1450:4001:810::2004
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:400c:c0c::9c
2a02:2638::1c
2a02:2638::3
2a02:26f0:2100:18f::2c79
2a02:26f0:6c00::210:ba40
3.126.63.176
3.229.248.93
34.202.70.106
52.34.123.238
52.49.114.167
52.50.7.8
52.59.160.25
54.214.163.233
94.23.159.185
07e8d6ea069f651d48ad47731cce6d24417176b3a353554f40fe2d5f8b81afb1
09f6e14499621a09d0f0f510a2eb79ae0790f315ddb5195c3a543b2b3df40204
0a2ae16febb6218317adbc00cf3a640256fcfd7f84c5ce3f612df78695739869
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1152d1ab087379cbbd4543202cef9320273047623ad3062987e98c528b707d3d
13cde9ccb70db9971f0b11fc07e1fe44d40d5d91a210d2065d3cacd481ab6e90
16bd0b41944c9e99eb13a384cc608888ba4fbed6cb9232136d5491affee57435
173d5f3d3b09f62a9a6e5ccf6c35fca457b6d68c0bd03e04171c41719e402ca2
1a88afd97be9de639418e160f2b9295bfb9cb21fa790dba8a80665d856a14d9a
1e2496941c02b94bf6b19438b27abdbc71635f3fa79774f0210c36930d860b73
23c5a3f4174f9a5cc573d0d1e3d2d404a6f6d27c6fe617dfdf3ba0f26545570f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27886805880254abf1020865daa74e65f63dbf4e0200953f01c57600fda19406
2d58ecf69035b4a041d10538b72c2f161068a8c3208ac91dc3b5444cc788ceef
35e5b3f77ffe5a6a56d481a0ff76664c335f2913a6072b02fafb7f00a6322d47
38d8555ff90122f749911d02b87f5006d576441e0b674a61ac202bbef74db7f1
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
3c41f4da5f7d6569364d3f152d18ab9875d24b8d65b88a51349722676fc96eed
46eb2c4af3ff749f7243d801a377b76fd92b43879f18b2e9cba36feab1bf9307
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4b6f2e21fdd573246166e25e88c0693f269ad5eb974fb517d6dee5f765bd65d2
51d8dee93fd9cec3fbba837c93a17f047717bd79a8a5c2c1a265ff9475aa83ca
5d9ec80f2c1316c1d793007aa535ad6f381cce1ed7446881a768b9baee45972b
60ec113672b35cc4ba6f7176e42c212b0aba50f0c333d6e33e7a8eca8b8dcb94
637282f23b8352c04ecc9dd7b4e1ffb23f8102517d010afaa447b2fb889b689e
655edd3c630302bcaf2690418226595dee314ed8ecf6747d7ef9a3e012e116a5
69e31d53d95f965695db3712f85925810e90cc839a793c87adfcb21eb637673e
6c0802d3b7592ad9704c902834de8a94047b553276d5b12bd8d79e58eb214a75
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
7471cc6d274c0ebc05c468ec82daa98dc1325fde221b3932a0c81de749b4cc60
74d3169e34286a8c8386a74e29aa6955c91090828c2cb4ecd15643b7a968004c
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51
7f2bbdc07570dd907005353bf2b0d9b11c3c6b0f629a9a628b13411801e1613f
8418203f6ad21d8aa71baba1b849f312a50e38580bccfbbb7d6f7f7eec16cbdb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88c316519db1cac5a1e26569c13777a8f1177fdb2d0f732e9af3e214efdac975
989f8331f21edcea690ea3a05d646abae9688ae75e61b2a5379f98cccb84dd5f
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
af4acfc4586c2d5c11514ef08681ca1cc7f69db15e61443a7e6347226f82633d
afd0d207d94ae86a47189f9f8aa63fa4bdad52d2ebcfb6c50fb8772ab39ffd5c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
bb0e83d250dcb9a567f0845e7e7f7870d1f8881974fbbb83d060431b755dec81
be829da434dbe7a5719faeb28277229a36314202fb4553b4e87b12298100a133
c09f6233a43495572effaea6818cd48cd8a2d0cd244f66ddab2ef1953f96d3ef
c1b0a91fd6eb5029cabacc3c14c13144f97a64d3b261082bd78bd95c71a86d49
c32c2af1ecbd99afd16fb18d2eb32e254b5eae460ffb4580cac2f5b8d47c954a
d0cdaa0db2e3c35fdca1e81ab6e540e5408531266d2cb1f39f77b336b6d8c64a
d4390447cdbeb188fcda3f6593cbb3ebb1db6fe26ddf5589e00c5bce297ce38a
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
dd77ef026e75ed7340d558dd4762dc81ef6da420ba9bcfb137e10d199510783c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfcafca6e9156d0bec58648f56126795dc7bfa78237227c71d7bab951e4b131b
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd
e3682f376a595a24247c3079e6b250506ab264d29fccb34d8145edb253970dcf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee131d698e778c19b989fb146003f43a9c6b2aa4dd2f78bcce4bed1d3326da9a
ee42844f6e6c978ca10465fc9a5f4c61631caf8d37d81a8aa6468b8cf0153e57
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5be2670226b692507573b122792f49a59f4d4bd8db24797883cdb920d5e7337
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

premiuminter.forum2x2.ru Open in urlscan Pro 94.23.159.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

107 Requests

100 %HTTPS

52 %IPv6

30 Domains

43 Subdomains

39 IPs

7 Countries

1513 kBTransfer

3538 kBSize

6 Cookies

8 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

premiuminter.forum2x2.ru Open in urlscan Pro
94.23.159.185 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

100 %
HTTPS

52 %
IPv6

30
Domains

43
Subdomains

39
IPs

7
Countries

1513 kB
Transfer

3538 kB
Size

6
Cookies

107 HTTP transactions
4 data transactions