www.paladiny.ru Open in urlscan Pro
146.185.148.189 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.paladiny.ru/
Effective URL:
http://www.paladiny.ru/index.dwar.php
Submission: On January 13 via api (January 13th 2024, 4:47:48 pm UTC) from US — Scanned from NL

Summary HTTP 273 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 50 IPs in 9 countries across 62 domains to perform 273 HTTP transactions. The main IP is 146.185.148.189, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is www.paladiny.ru.

This is the only time www.paladiny.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25 83	146.185.148.189 146.185.148.189	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
30	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	178.22.89.12 178.22.89.12	47764 (VK-AS) (VK-AS)
9	188.93.63.157 188.93.63.157	47764 (VK-AS) (VK-AS)
1 1	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
2	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	185.12.127.130 185.12.127.130	50214 (QWARTA) (QWARTA)
14	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2 5	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
2 39	193.3.184.137 193.3.184.137	50214 (QWARTA) (QWARTA)
2 4	193.3.184.211 193.3.184.211	50214 (QWARTA) (QWARTA)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2 2	193.232.150.46 193.232.150.46	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	195.209.108.58 195.209.108.58	52007 (ADRIVER) (ADRIVER)
2	81.222.128.216 81.222.128.216	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:20:... 2606:4700:20::ac43:4ab4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.230.131.22 37.230.131.22	200197 (HYBRID-PO...) (HYBRID-POLAND)
4 6	185.15.175.134 185.15.175.134	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	195.201.57.28 195.201.57.28	24940 (HETZNER-AS) (HETZNER-AS)
2 2	138.201.192.161 138.201.192.161	24940 (HETZNER-AS) (HETZNER-AS)
1 1	94.228.127.171 94.228.127.171	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1 1	83.222.96.170 83.222.96.170	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2 2	5.189.234.227 5.189.234.227	50340 (SELECTEL-MSK) (SELECTEL-MSK)
2 2	178.170.192.140 178.170.192.140	208677 (CLOUDRU-AS) (CLOUDRU-AS)
2 2	96.46.186.61 96.46.186.61	7979 (SERVERS-COM) (SERVERS-COM)
1 1	78.140.242.69 78.140.242.69	209974 (AS-ITGLOB...) (AS-ITGLOBALCOM-RU ITGLOBAL.COM Russia)
2 2	217.66.147.41 217.66.147.41	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
4 4	217.66.147.36 217.66.147.36	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
3 4	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
1 1	195.201.198.232 195.201.198.232	24940 (HETZNER-AS) (HETZNER-AS)
1 1	185.98.54.153 185.98.54.153	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.109.65.188 65.109.65.188	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1 1	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1 2	188.42.105.220 188.42.105.220	7979 (SERVERS-COM) (SERVERS-COM)
2 3	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 3	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	188.120.241.47 188.120.241.47	29182 (RU-JSCIOT) (RU-JSCIOT)
1	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
2 2	94.130.221.58 94.130.221.58	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.111.107.44 23.111.107.44	39134 (UNITEDNET) (UNITEDNET)
1 1	167.235.9.235 167.235.9.235	24940 (HETZNER-AS) (HETZNER-AS)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
2 2	167.235.117.42 167.235.117.42	24940 (HETZNER-AS) (HETZNER-AS)
1	37.18.110.198 37.18.110.198	208677 (CLOUDRU-AS) (CLOUDRU-AS)
2 3	83.222.117.90 83.222.117.90	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
3 3	217.199.220.44 217.199.220.44	61400 (NETRACK-AS) (NETRACK-AS)
1 1	178.170.196.247 178.170.196.247	208677 (CLOUDRU-AS) (CLOUDRU-AS)
2 2	185.40.31.213 185.40.31.213	61400 (NETRACK-AS) (NETRACK-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
1	91.192.150.36 91.192.150.36	42481 (BEGUN-AS) (BEGUN-AS)
1 1	45.139.25.120 45.139.25.120	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
8 13	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 7	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
4	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:58c::1ec4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.197.149.186 23.197.149.186	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
273	50

83 146.185.148.189 (Amsterdam, Netherlands) 25 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: nihost.ru

www.paladiny.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.22.89.12 (Moscow, Russian Federation)

ASN47764 (VK-AS, RU)
PTR: dragon63.ext.terrhq.ru

w2.dwar.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.93.63.157 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: 188-93-63-157.ext.terrhq.ru

w1.dwar.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dwar.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.18 (Russian Federation) 1 redirects

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.17 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.12.127.130 (Russian Federation)

ASN50214 (QWARTA, RU)

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.163.52.67 (Russian Federation) 2 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

d4.c1.b4.a1.top.list.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 193.3.184.137 (Russian Federation) 2 redirects

ASN50214 (QWARTA, RU)
PTR: asrv321.qwarta.ru

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.3.184.211 (Russian Federation) 2 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Russian Federation) 5 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.46 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp3.senders.rutube.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.58 (Russian Federation) 2 redirects

ASN52007 (ADRIVER, RU)

ev.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4ab4 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.230.131.22 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.15.175.134 (Russian Federation) 4 redirects

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.57.28 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.57.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.192.161 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-9.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.228.127.171 (St Petersburg, Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)
PTR: da21112.timeweb.ru

s.ccsyncuuid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.222.96.170 (Russian Federation) 1 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.189.234.227 (Moscow, Russian Federation) 2 redirects

ASN50340 (SELECTEL-MSK, RU)

sync.adspend.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.170.192.140 (Russian Federation) 2 redirects

ASN208677 (CLOUDRU-AS, RU)

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mts-dsp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.46.186.61 (United States) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.140.242.69 (Moscow, Russian Federation) 1 redirects

ASN209974 (AS-ITGLOBALCOM-RU ITGLOBAL.COM Russia, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.41 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-41-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.36 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-36-147-66-217.spbmts.ru

vma.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.108.119.28 (Russian Federation) 3 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.198.232 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.232.198.201.195.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.98.54.153 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.65.188 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.188.65.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.105.220 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.158 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.172 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

pix.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.120.241.47 (Russian Federation) 1 redirects

ASN29182 (RU-JSCIOT, RU)
PTR: sync01.platforma.id

77662b8a-b233-11ee-bbb1-002590c82436.n1.sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.221.58 (Reilingen, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.58.221.130.94.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.9.235 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.235.9.235.167.clients.your-server.de

match.ohmy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.117.42 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.42.117.235.167.clients.your-server.de

sync.programmatica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.110.198 (Russian Federation)

ASN208677 (CLOUDRU-AS, RU)

dmp.sbermarketing.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 83.222.117.90 (Russian Federation) 2 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.199.220.44 (Russian Federation) 3 redirects

ASN61400 (NETRACK-AS, RU)
PTR: s4.kimberlite.io

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.170.196.247 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS, RU)
PTR: fr12.segmento.ru

solta-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.40.31.213 (Moscow, Russian Federation) 2 redirects

ASN61400 (NETRACK-AS, RU)

sync.dsp.solta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.150.36 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: sync.rambler.ru

sync.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.139.25.120 (Moscow, Russian Federation) 1 redirects

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

ssp.afp.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.98 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.85 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:58c::1ec4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

secure.insightexpressai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.197.190 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.197.149.186 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-149-186.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	paladiny.ru 25 redirects www.paladiny.ru	547 KB
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	570 KB
39	acint.net 2 redirects www.acint.net — Cisco Umbrella Rank: 25446 acint.net — Cisco Umbrella Rank: 20793	37 KB
33	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	190 KB
15	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	494 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29340 ad4m.at — Cisco Umbrella Rank: 11475 assets.ad4m.at — Cisco Umbrella Rank: 41583	156 KB
12	dwar.ru w2.dwar.ru w1.dwar.ru dwar.ru	505 KB
8	mts.ru 8 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 34948 vma.mts.ru — Cisco Umbrella Rank: 37422 tech.rtb.mts.ru — Cisco Umbrella Rank: 42626	5 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	4 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	322 KB
7	yandex.com 4 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	4 KB
7	bumlam.com 5 redirects sync.bumlam.com — Cisco Umbrella Rank: 4420 pix.bumlam.com — Cisco Umbrella Rank: 97912 77662b8a-b233-11ee-bbb1-002590c82436.n1.sync.bumlam.com	4 KB
6	digitaltarget.ru 4 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 124846 dmg.digitaltarget.ru — Cisco Umbrella Rank: 21957	22 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	5 KB
5	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 10239 ad.mail.ru — Cisco Umbrella Rank: 11254	4 KB
5	sape.ru 2 redirects cdn-rtb.sape.ru — Cisco Umbrella Rank: 70671 ssp-rtb.sape.ru — Cisco Umbrella Rank: 25777	46 KB
4	aidata.io 3 redirects x01.aidata.io — Cisco Umbrella Rank: 14168	2 KB
4	adriver.ru 2 redirects ev.adriver.ru — Cisco Umbrella Rank: 31767 ssp.adriver.ru — Cisco Umbrella Rank: 27660	2 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982 an.yandex.ru — Cisco Umbrella Rank: 6258	58 KB
4	rambler.ru 1 redirects counter.rambler.ru — Cisco Umbrella Rank: 149568 kraken.rambler.ru — Cisco Umbrella Rank: 35890 sync.rambler.ru — Cisco Umbrella Rank: 41171	120 KB
3	awin1.com www.awin1.com — Cisco Umbrella Rank: 16092	2 KB
3	gstatic.com www.gstatic.com	17 KB
3	kimberlite.io 3 redirects kimberlite.io — Cisco Umbrella Rank: 30029	2 KB
3	com.ru 2 redirects adx.com.ru — Cisco Umbrella Rank: 43147	786 B
3	rutarget.ru 3 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 138659 solta-sync.rutarget.ru — Cisco Umbrella Rank: 58572 mts-dsp-sync.rutarget.ru — Cisco Umbrella Rank: 73935	1 KB
2	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 164401 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 125344	1010 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1376	495 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1946	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 843 r.turn.com — Cisco Umbrella Rank: 4167	869 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
2	solta.io 2 redirects sync.dsp.solta.io — Cisco Umbrella Rank: 38915	444 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 13701	716 B
2	programmatica.com 2 redirects sync.programmatica.com — Cisco Umbrella Rank: 57533	490 B
2	bidderstack.com 2 redirects nr.bidderstack.com — Cisco Umbrella Rank: 42708	890 B
2	gonet-ads.com 1 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 39250	634 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1908	1 KB
2	adspend.space 2 redirects sync.adspend.space — Cisco Umbrella Rank: 46634	636 B
2	upravel.com 2 redirects sync.upravel.com — Cisco Umbrella Rank: 37153	1 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 18494	829 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 707	444 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	insightexpressai.com secure.insightexpressai.com — Cisco Umbrella Rank: 1968
1	afp.ai 1 redirects ssp.afp.ai — Cisco Umbrella Rank: 30128	297 B
1	sbermarketing.ru dmp.sbermarketing.ru — Cisco Umbrella Rank: 76381	667 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1634	22 B
1	ohmy.bid 1 redirects match.ohmy.bid — Cisco Umbrella Rank: 54128	289 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 103318	753 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 11938	287 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 37636	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 35560	482 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10769	208 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 20936	176 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 33704	304 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 51985	169 B
1	ccsyncuuid.net 1 redirects s.ccsyncuuid.net — Cisco Umbrella Rank: 59714	200 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 23229	69 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 11851	282 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 41180	752 B
1	list.ru 1 redirects d4.c1.b4.a1.top.list.ru	975 B
273	62

	Domain	Requested by
83	www.paladiny.ru	25 redirects www.paladiny.ru
33	www.acint.net	2 redirects cdn-rtb.sape.ru www.paladiny.ru www.acint.net
30	pagead2.googlesyndication.com	www.paladiny.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net s0.2mdn.net www.googletagservices.com
21	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com www.paladiny.ru s0.2mdn.net pagead2.googlesyndication.com
15	s0.2mdn.net	www.paladiny.ru s0.2mdn.net googleads.g.doubleclick.net
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
13	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net www.googletagservices.com s0.2mdn.net
7	mc.yandex.com	4 redirects www.paladiny.ru
6	assets.ad4m.at	as.ad4m.at
6	acint.net	www.acint.net
6	w1.dwar.ru	www.paladiny.ru
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dmg.digitaltarget.ru	4 redirects
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	ad.doubleclick.net	googleads.g.doubleclick.net www.googletagservices.com www.paladiny.ru
4	x01.aidata.io	3 redirects www.acint.net
4	vma.mts.ru	4 redirects
4	ssp-rtb.sape.ru	2 redirects cdn-rtb.sape.ru
4	top-fwz1.mail.ru	1 redirects www.paladiny.ru www.acint.net
3	www.awin1.com	as.ad4m.at
3	www.gstatic.com	googleads.g.doubleclick.net
3	kimberlite.io	3 redirects
3	adx.com.ru	2 redirects www.acint.net
3	pix.bumlam.com	2 redirects www.acint.net
3	sync.bumlam.com	2 redirects www.acint.net
3	mc.yandex.ru	1 redirects cdn-rtb.sape.ru www.paladiny.ru
3	dwar.ru	www.paladiny.ru
3	w2.dwar.ru	www.paladiny.ru
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	www.google.com	1 redirects tpc.googlesyndication.com
2	googleads4.g.doubleclick.net	www.paladiny.ru
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	sync.dsp.solta.io	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	sync.programmatica.com	2 redirects
2	nr.bidderstack.com	2 redirects
2	sync.gonet-ads.com	1 redirects www.acint.net
2	tech.rtb.mts.ru	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	ads.betweendigital.com	2 redirects
2	sync.adspend.space	2 redirects
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ssp.adriver.ru	www.acint.net
2	ev.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	counter.rambler.ru	1 redirects www.paladiny.ru
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	static-de.ad4mat.net	as.ad4m.at
1	onetag-sys.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	secure.insightexpressai.com	googleads.g.doubleclick.net
1	ssp.afp.ai	1 redirects
1	sync.rambler.ru	www.acint.net
1	ad.mail.ru	www.acint.net
1	mts-dsp-sync.rutarget.ru	1 redirects
1	solta-sync.rutarget.ru	1 redirects
1	dmp.sbermarketing.ru	www.acint.net
1	sync.adkernel.com	www.acint.net
1	match.ohmy.bid	1 redirects
1	cs.agency2.ru	1 redirects
1	an.yandex.ru	www.acint.net
1	77662b8a-b233-11ee-bbb1-002590c82436.n1.sync.bumlam.com	1 redirects
1	counter.yadro.ru	1 redirects
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	s.ccsyncuuid.net	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	d4.c1.b4.a1.top.list.ru	1 redirects
1	kraken.rambler.ru	www.paladiny.ru
1	cdn-rtb.sape.ru	www.paladiny.ru
273	87

This site contains links to these domains. Also see Links.

Domain
paladiny.ru
angelscity.combats.com
capitalcity.combats.com
w2.riot.mail.ru
w1.riot.mail.ru
dwar.ru
top100.rambler.ru
86bos.biz

Subject Issuer	Validity	Valid
*.sape.ru R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-04-17` - `2024-05-18`	a year	crt.sh
*.acint.net R3	`2023-12-31` - `2024-03-30`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
utraff.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2023-09-14` - `2024-09-13`	a year	crt.sh
*.digitaltarget.ru R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G4	`2023-06-19` - `2024-07-20`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-03-07` - `2024-04-07`	a year	crt.sh
new-programmatic.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-09-24` - `2024-03-24`	6 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2024-01-12` - `2025-02-12`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2023-10-06` - `2024-11-06`	a year	crt.sh
sync.rambler.ru R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.insightexpressai.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-16` - `2024-03-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 28 frames:

Primary Page: http://www.paladiny.ru/index.dwar.php
Frame ID: 30FE14EF9319E44A766FC963B35E6F91
Requests: 105 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 869FB26804214C3576FBF2FC8F78D9D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=600&slotname=1332047107&adk=1460880071&adf=2290519548&pi=t.ma~as.1332047107&w=160&lmt=1705164460&format=160x600&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&wgl=1&dt=1705164459885&bpp=2&bdt=263&idt=302&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=6926956670417&frm=20&pv=2&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=309
Frame ID: C100295C11125977D1F5401FB5E06B2C
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&adk=1812271804&adf=3025194257&lmt=1705164460&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&dt=1705164460233&bpp=3&bdt=611&idt=3&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=9
Frame ID: A027DAB636717A046A1A9960913244B1
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14
Frame ID: D8E90F4F1CE37603AE6C0F2D5C7E2EE7
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJmv3KQCELr9zLECGNvlwf8BMAE&v=APEucNU0jkpbs8_jRQ_vB59V3tFc2aQEgLU2OklSYXC23lyP7go1DfezzSJEjwBhzJWldYngkHoeaZaWlG9hs4Aua8gxZaJRXfWHMCxmH4_Sf4giup50nox0TvzF0Xof0EgULfLFwUKazvGXbiIRltHdqd14SkO0-UXGyxEBTtGxJiKN1edtbxg
Frame ID: C97CBEAAEAD77F5816FF726691B253A3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=280&adk=2238285969&adf=821804958&pi=t.aa~a.469292974~i.14~rp.1&w=551&fwrn=4&fwrnh=100&lmt=1705164460&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9553686225&ad_type=text_image&format=551x280&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&fwr=0&pra=3&rh=138&rw=551&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705164460921&bpp=1&bdt=1298&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0&nras=2&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=193&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10
Frame ID: D66546294C1DC13BFD1A0BE4D40DF9B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=280&adk=2238285969&adf=2522502942&pi=t.aa~a.469292974~i.16~rp.1&w=551&fwrn=4&fwrnh=100&lmt=1705164460&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9553686225&ad_type=text_image&format=551x280&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&fwr=0&pra=3&rh=138&rw=551&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705164460921&bpp=1&bdt=1299&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280&nras=3&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=193&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Frame ID: B354B496D0147AF786436DE43E52E92E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705164460&rafmt=1&to=qs&pwprc=9553686225&format=1200x90&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705164460981&bpp=1&bdt=1359&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280%2C551x280&nras=4&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1400&ady=4540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Frame ID: 557A1CC943237288013AE3DA778FC851
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 2EE5245F96BBF7AB42AF5E8A93173F4B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 655625BE28F624A42758ACF952738472
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B12F6E8AC7B84FCB68D8008F29303F84
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2DKBDNjygYiLDI7wEwAQ&v=APEucNXluowVjVvKlcxdT9k8tCw6bwEv-FB2YP-Gp-JaOLLHqt614N4RUran7klOOi-sG_k3M40ZxbrbEdLCWLXThoMsicUgO28CLmMwVclTr6--MbfKcENjJdQZJLxDWVsc5qVrWFzTRwEweamCRqZKvB3-1ERTy63MX8eElquKoPZ4mvviVrk
Frame ID: 76DBCFFB7C716BA14B9AEF5E65BE92DF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E16B50B18925ABF7D7404166320FD72B
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6128F74FA8C803D843A3FBE9A70722FE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A7974B8E8DFE5B57CA836EF873F8EE0C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1079CD206B4A73FEB6B40C5843DB9C32
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18221096529761682194/index.html?e=69&leftOffset=0&topOffset=0&c=o7dSnXVbpg&t=1&renderingType=2&ev=01_250
Frame ID: E09AEA6957F875126D1C4830CC7DAD65
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13656848552175302391/html/PromoIphone_TF-B-DF-1093_dis_160x600_es.html?ev=01_250
Frame ID: C3421A6A17F7B502A12222C322550F29
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kev8arm64d4j1xwez45c13hsgcgek1439thf500by7fyk5mgw7zkfpw7ggvft6r5r5wyk13n0n3dxmtzzkkjq9nwpnrdtf13a5yvztx6n86s6czb91x0p6f5yf2615xd5ne3rnp5rn38tyws978n5k748ftjq0026xgwzd4ye5hk7drnzq0fptc300qew3tpk1xxamsce22acct5k8nj1vqss7vvk2gafw77p7bphpew6mp3amf3edvttkg1jx9rxdwe7b7fbkpgseaackgg1ky6tcc74chnfcv0ebz7mkwe0g873g5a7ey8252avw3k0xt1tpr2aswja7qawqxs648j3p83q1649peefb1dhp15x64295a1pmy9qcxnq16q9dymzr11abxcyj9dmcr4fy81xctw7n3785srm1j4qcrg5qhf3ywnz0gb3hhxpp2vp75jebxx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%26client%3Dca-pub-5035092129732437%26adurl%3D
Frame ID: C4DE0EB927ADE4D67FB6A7EB9A6E3590
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Frame ID: 9B0C93138D15EFFC91E8A08448AC6844
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4198320720866CAAF0B147EF85DD7B4E
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: DADD6C149181F626093649AF574219F0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Frame ID: 4AB2376665AEBB8E9A2E80FA64787210
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=917968%2C919813%2C919812&b=XgrYuzfrfjwwzH6H4HetqtmrE6SQSkT5PDsRpK2%2CDZ17c3fwfgD8ja3HmH9t1tQxRTxSmTYr5U6qRK%2C9dk8UMfmfMPR4fKHBH2t7t3W7ku9SmTz28tK4Rj&f=e5k1U3fVf9BBgCjHZHet2C2G6JcwSQTKJktMP7D%2CdpkxsEfkf81ZetEHjHwtqC3ZdueS4T54Ese6XE%2C18QksbfKfX51Qh9HdH9tpCZQBGS2SKTGjwuG1je&c=728&d=90&e=&g=a283229e57e8c7434ba8f1e1ec695413%2F17678790889479843623&i=294559%2C28562%2C294560&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach67_Moda&r=1705164461767&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h197j2rcjnm2httekkjrdxtdkp213z9qfe3p08z3nmmq5k6nwhq4fyejgq6fwcwymtzqs68g6556t6acv6b6pkyb2a39eg0740jwpst2g63qck7x2g7rczky8zp8s1rmwmy3w61r3b0svr1v29qxr8yyqtnryczxmp0qwbbph8ttyjkpxs19xvcp39e36ejveafs35jz9kqxbktbckfwgtrk67s5znacc3zfwkzfbkbeg8ezfe76znjq8y54py1ta32wdjrfzt4t75wpm5ffrtxxm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%2526client%253Dca-pub-5035092129732437%2526adurl%253D&y=1&s=&z=0
Frame ID: DEEB674E6346E96F3E86FDA51F542F69
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Frame ID: A3B21B9D48A41B8C85911C45661D4E01
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D147BBAE19B78B8A83E739F0BEFFB76F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 41985212602230CC55D7E8C3C6A612B0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Орден Паладинов

Page URL History Show full URLs

http://www.paladiny.ru/ HTTP 302
http://www.paladiny.ru/index.dwar.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

273
Requests

57 %
HTTPS

27 %
IPv6

62
Domains

87
Subdomains

50
IPs

9
Countries

3089 kB
Transfer

6290 kB
Size

133
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: http://paladiny.ru/go/?http://w1.dwar.ru/info/forum/
Title: Прайм

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://w2.dwar.ru/info/forum/
Title: Минор

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://dwar.ru/user_info.php?nick=Mahpella

Search URL Search Domain Scan URL

URL: http://angelscity.combats.com/inf.pl?login=Kaetanna

Search URL Search Domain Scan URL

URL: http://capitalcity.combats.com/inf.pl?login=Nirava

Search URL Search Domain Scan URL

URL: http://angelscity.combats.com/inf.pl?login=Millenium%20Code

Search URL Search Domain Scan URL

URL: http://angelscity.combats.com/inf.pl?login=AI_Avenger

Search URL Search Domain Scan URL

URL: http://capitalcity.combats.com/inf.pl?login=%C2%E5%EB%E3%E0

Search URL Search Domain Scan URL

URL: http://angelscity.combats.com/inf.pl?login=k_arina

Search URL Search Domain Scan URL

URL: http://w2.riot.mail.ru/
Title: RIOT

Search URL Search Domain Scan URL

URL: http://w1.riot.mail.ru/riot/userview.html?nick=Jetkokos

Search URL Search Domain Scan URL

URL: http://dwar.ru/user_info.php?nick=null

Search URL Search Domain Scan URL

URL: http://dwar.ru/user_info.php?nick=http://w1.riot.mail.ru/riot/userview.html?nick=Draconia

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=8002

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=8017

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=8022

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=8007

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=8012

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=8027

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=8001

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=7894

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=7898

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=7896

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=7893

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=7897

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=7895

Search URL Search Domain Scan URL

URL: https://top100.rambler.ru/home?id=1449916

Search URL Search Domain Scan URL

URL: https://86bos.biz/
Title: slot gacor

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.paladiny.ru/ HTTP 302
http://www.paladiny.ru/index.dwar.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

http://www.paladiny.ru/go?http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif HTTP 301
http://www.paladiny.ru/go/?http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif HTTP 302
http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif

Request Chain 31

http://www.paladiny.ru/go?http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif HTTP 301
http://www.paladiny.ru/go/?http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif HTTP 302
http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif

Request Chain 32

http://www.paladiny.ru/go?http://w2.dwar.ru/info/images/mailru.gif HTTP 301
http://www.paladiny.ru/go/?http://w2.dwar.ru/info/images/mailru.gif HTTP 302
http://w2.dwar.ru/info/images/mailru.gif

Request Chain 33

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg HTTP 301
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg HTTP 302
http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg

Request Chain 34

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg HTTP 301
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg HTTP 302
http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg

Request Chain 35

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg HTTP 301
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg HTTP 302
http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg

Request Chain 36

http://www.paladiny.ru/go?http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif HTTP 301
http://www.paladiny.ru/go/?http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif HTTP 302
http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif

Request Chain 37

http://www.paladiny.ru/go?http://dwar.ru/images/data/artifacts/44064_end_up_book.gif HTTP 301
http://www.paladiny.ru/go/?http://dwar.ru/images/data/artifacts/44064_end_up_book.gif HTTP 302
http://dwar.ru/images/data/artifacts/44064_end_up_book.gif

Request Chain 38

http://www.paladiny.ru/go?http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif HTTP 301
http://www.paladiny.ru/go/?http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif HTTP 302
http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif

Request Chain 39

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg HTTP 301
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg HTTP 302
http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg

Request Chain 42

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg HTTP 301
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg HTTP 302
http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg

Request Chain 46

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg HTTP 301
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg HTTP 302
http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg

Request Chain 51

http://counter.rambler.ru/top100.jcn?1449916 HTTP 307
https://counter.rambler.ru/top100.jcn?1449916

Request Chain 76

http://d4.c1.b4.a1.top.list.ru/counter?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6940939893508644 HTTP 302
https://top-fwz1.mail.ru/counter?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6940939893508644;ver=30 HTTP 302
https://top-fwz1.mail.ru/counter2?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6940939893508644;ver=30

Request Chain 92

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=5303420AACBEA26534022FBA021391B5

Request Chain 93

https://px.adhigh.net/p/cm/sape?u=0100007FACBEA2653436EA04021A2749 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007FACBEA2653436EA04021A2749&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=u5OFywgnVlCN.AikABlGNA7jS7A

Request Chain 94

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4864240584 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AkYqrQEuJdXD0PNhA7LvEYg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FACBEA2653436EA04021A2749

Request Chain 99

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://www.acint.net/match?dp=71&euid=6bff403d-d9f8-4c38-b111-ff0ea11496ec HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14 HTTP 302
https://acint.net/match?dp=14&euid=5303420AACBEA26534022FBA021391B5

Request Chain 100

https://s.ccsyncuuid.net/match/5/?remote_uid=0100007FACBEA2653436EA04021A2749 HTTP 302
https://acint.net/match?dp=80&euid=lpY8IC9RzZbjsF4Dnh53

Request Chain 102

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=EMQQPUKL

Request Chain 103

https://sync.adspend.space/sape?uid=0100007FACBEA2653436EA04021A2749 HTTP 302
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D149d19b8-aace-4dc7-85b2-61ba18b34ce0 HTTP 302
https://www.acint.net/match?dp=98&euid=149d19b8-aace-4dc7-85b2-61ba18b34ce0

Request Chain 104

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=3-sQYS2dxpkz

Request Chain 105

https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007FACBEA2653436EA04021A2749&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007FACBEA2653436EA04021A2749&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1&rts=7096446958618352196 HTTP 302
https://acint.net/match?dp=107&euid=94f7e899-398b-530d-82e0-a089e7421e24

Request Chain 106

https://ads.adlook.me/csync?pid=sape&uid=0100007FACBEA2653436EA04021A2749&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=498b4181b03440b098d9076fd86f491c

Request Chain 107

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FACBEA2653436EA04021A2749 HTTP 301
https://vma.mts.ru/match/second?ssp=30&exu=0100007FACBEA2653436EA04021A2749 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=e814d066-51a0-4c69-8205-3f4b8fb43dee&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D30%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID HTTP 302
https://vma.mts.ru/em?next=30&em=2&ssp=aidata&id=e3COkPdBqFhZTMuAUqAIcg HTTP 301
https://www.acint.net/match?dp=125&euid=e814d066-51a0-4c69-8205-3f4b8fb43dee

Request Chain 108

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=2e661fd0-f9d4-45a2-55e6-7c280e70546a

Request Chain 109

https://s.uuidksinc.net/match/396/?remote_uid=0100007FACBEA2653436EA04021A2749 HTTP 302
https://www.acint.net/match?dp=127&euid=XWX5HS4nuNN8G8SeFbt8

Request Chain 110

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=rcgnxgii3m

Request Chain 112

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FACBEA2653436EA04021A2749 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FACBEA2653436EA04021A2749&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 113

https://sync.gonet-ads.com/match/sape.js?id=0100007FACBEA2653436EA04021A2749 HTTP 302
https://sync.gonet-ads.com/match/sape.js?id=0100007FACBEA2653436EA04021A2749&chk=1

Request Chain 114

https://sync.bumlam.com/?src=sap1&uid=0100007FACBEA2653436EA04021A2749 HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARit_YqtBmIgMDEwMDAwN0ZBQ0JFQTI2NTM0MzZFQTA0MDIxQTI3NDmiARB3ZiuKsjMR7ruxACWQyCQ2

Request Chain 115

https://pix.bumlam.com/sync/sape/check?sspuid=0100007FACBEA2653436EA04021A2749 HTTP 302
https://sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/sync_ok?guid=77662b8a-b233-11ee-bbb1-002590c82436 HTTP 302
https://77662b8a-b233-11ee-bbb1-002590c82436.n1.sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/done

Request Chain 117

https://nr.bidderstack.com/sape/cm?user_id=0100007FACBEA2653436EA04021A2749 HTTP 302
https://nr.bidderstack.com/sape/cm?user_id=0100007FACBEA2653436EA04021A2749&pupa=1 HTTP 302
https://www.acint.net/match?dp=251&euid=937dba13-394c-a379-c498-8e3e19b3e759

Request Chain 118

https://cs.agency2.ru/p?ssp=sp&uid=0100007FACBEA2653436EA04021A2749 HTTP 301
https://www.acint.net/match?dp=186&euid=298e825c-6571-44a1-81cf-acc8dcc5218c

Request Chain 119

https://match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP 302
https://www.acint.net/match?dp=217&euid=98989bd6-1fbd-4a9c-ae99-149f0e3e5df9

Request Chain 121

https://sync.programmatica.com/match/01 HTTP 302
https://sync.programmatica.com/match/01?chk=1 HTTP 302
https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_evid=8vhicaia6d0gnvnhrxxom892oalkpb77&user_prg=NDczOWJmNGE4YWQwM2E3Nw

Request Chain 122

https://adx.com.ru/sape-sync?uid=0100007FACBEA2653436EA04021A2749 HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007FACBEA2653436EA04021A2749 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65a2beadd41e0600017d93a9%2526r%253D%26webouid%3D{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65a2beadd41e0600017d93a9%2526r%253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=338815214 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65a2beadd41e0600017d93a9%26r%3D&webouid=Yd5wxRCgQx2V0/kHY447Iu

Request Chain 123

https://kimberlite.io/rtb/sync/sape2?u=0100007FACBEA2653436EA04021A2749 HTTP 307
https://solta-sync.rutarget.ru/sync HTTP 302
https://kimberlite.io/rtb/sync/segmento?u=3-sQYS2dxpkz HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZaK-rcprDqI HTTP 301
https://vma.mts.ru/match/second?ssp=59&exu=ZaK-rcprDqI HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=e814d066-51a0-4c69-8205-3f4b8fb43dee&return_url=https%3A%2F%2Fmts-dsp-sync.rutarget.ru%2Fsync%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D3%2526ssp%253Dsegmento%2526id%253D%2524%257BRUTARGET_VISITOR_ID%257D HTTP 302
https://mts-dsp-sync.rutarget.ru/sync?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D3%26ssp%3Dsegmento%26id%3D%24%7BRUTARGET_VISITOR_ID%7D HTTP 302
https://vma.mts.ru/em?next=59&em=3&ssp=segmento&id=3-sQYS2dxpkz HTTP 301
https://kimberlite.io/rtb/sync/mts?u=e814d066-51a0-4c69-8205-3f4b8fb43dee HTTP 307
https://www.acint.net/match?dp=243&euid=ZaK-rcprDqI

Request Chain 124

https://sync.dsp.solta.io/match/sape?id=0100007FACBEA2653436EA04021A2749 HTTP 302
https://sync.dsp.solta.io/match/sape?id=0100007FACBEA2653436EA04021A2749&chk=1 HTTP 302
https://www.acint.net/match?dp=260&euid=NGJlM2NjMzhiMmZmODRlNg

Request Chain 127

https://ssp.afp.ai/api/sync/sape HTTP 302
https://www.acint.net/match?dp=261&euid=6cd5338e-3b7f-4033-860e-20a385f784c2

Request Chain 129

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10247.ifvCsN-4j_RAWTbv2qoVzXmujkgdhfZ0UDlj2GkWN971WljUUuNeZBm439h81Hvu.9FAm16kxfO8NpeRWCTbZvN28x-c%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10247.6LGOwlLrr_Kp7w14SzgV9zss55ZlrSx0C64__umHeJh7ifjzhGZ5WvCvXXNU4h1t06GwaPFvbTLE2ERN5f05wwt2X-wPXGhvTD1_OnMzX6OxsApvbwo2wGVCeaJgZuZjA_moucToCNNNdSJ7GETPimsGS7fRobJ0gSxFxYewn8bgqxXxHduXMNMJFfc7yjFV6mGz_1ihnOW-Y1RbaNmsN11zMiC1LmM5jWNQZs4w-bk%2C.R-HamISjpKcr7wjcd7akCWefut0%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10247.wgY2JHvrHJDFS7RiQ3nPRHFQEAoMqnyKHhoVmehxf5cUWNSkmiipPHek7TjPlJnUIHYEoKE4T60g9MZ1wBoldjbzFJL1G8KNdulEclV_AJO4b7pzmfYCZE1Oatmk4erApGE_rvRmUOCPXe_jOc6qZVFj7Po97vtAKYfX04jPSjJilawTAD4ugCPsZR5scbAPGZh1Kv-PWktTo30MtZM0Mg%2C%2C.tvVPawmjq0j_IsyMnn-9pZrxcHU%2C

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1

Request Chain 140

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaK.rL8n-ZkV2igyWqk5XQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1&google_hm=2

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMxibmGF0q1caKiFm8n-nxY&google_cver=1

Request Chain 142

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE3OTIxNDM4MjA0NzczMzA4Mg%3D%3D

Request Chain 143

https://mc.yandex.com/watch/93290584?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2265a2beac-3ba5-e402-nx3k-5wmduhtb6aeh%22%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A0%3Als%3A1201357218684%3Ahid%3A155133910%3Az%3A60%3Ai%3A20240113174740%3Aet%3A1705164461%3Ac%3A1%3Arn%3A787536381%3Arqn%3A1%3Au%3A1705164461506857659%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C292%2C31%2C388%2C388%2C1%2C582%2C15%2C%2C%2C%2C1294%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705164458939%3Afp%3A854%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705164461%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr(14%2C14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/93290584/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2265a2beac-3ba5-e402-nx3k-5wmduhtb6aeh%22%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A0%3Als%3A1201357218684%3Ahid%3A155133910%3Az%3A60%3Ai%3A20240113174740%3Aet%3A1705164461%3Ac%3A1%3Arn%3A787536381%3Arqn%3A1%3Au%3A1705164461506857659%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C292%2C31%2C388%2C388%2C1%2C582%2C15%2C%2C%2C%2C1294%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705164458939%3Afp%3A854%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705164461%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 144

https://mc.yandex.com/watch/71281900?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1351407882931%3Ahid%3A155133910%3Az%3A60%3Ai%3A20240113174740%3Aet%3A1705164461%3Ac%3A1%3Arn%3A31751938%3Arqn%3A1%3Au%3A1705164461506857659%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C292%2C31%2C388%2C388%2C1%2C582%2C15%2C%2C%2C%2C1294%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705164458939%3Afp%3A854%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705164461%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1351407882931%3Ahid%3A155133910%3Az%3A60%3Ai%3A20240113174740%3Aet%3A1705164461%3Ac%3A1%3Arn%3A31751938%3Arqn%3A1%3Au%3A1705164461506857659%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C292%2C31%2C388%2C388%2C1%2C582%2C15%2C%2C%2C%2C1294%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705164458939%3Afp%3A854%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705164461%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1

Request Chain 184

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaK.rL8n-ZkV2igyWqk5XQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1&google_hm=2

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMxibmGF0q1caKiFm8n-nxY&google_cver=1

Request Chain 186

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE3OTIxNDM4MjA0NzczMzA4Mg%3D%3D

Request Chain 206

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 224

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOoGLe42VlRurkQDX5GYLrU&google_cver=1&google_push=AXcoOmSW-byfXPL4sbWAGbNOJ-R3rmt7vC9_0SLdSTCt5aBIBGP6xHOaYbDUCv7SUjYiTLv33m2RL31SESg_VY5BHqKimaX_y42y8Cq7VheQlwhgjT_16Cnwzy0KRkJSnv3ZJEnchrfO8QP6NmM06dQSGvEtUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc0ODcwMjA2ODk4MDk0NDE2Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOoGLe42VlRurkQDX5GYLrU&google_cver=1

Request Chain 227

https://a.tribalfusion.com/i.match?p=b6&u=CAESECqIXVA_ev_8j39MkciAwgc&google_cver=1&google_push=AXcoOmT-O9IID9Q9YaYlrZCihXJ_WbjA75vRnBIg5jara0xYYpZlX7dT0rP8rOM43udQf-B436KIVMk9mbEbbvZfJn16dgRxL1besL6ZDvYtH8x4DQ8NKdy6Rg-vN_c0pnrowdCTDY8ClS6z3nwW1UcWaBKFuvQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT-O9IID9Q9YaYlrZCihXJ_WbjA75vRnBIg5jara0xYYpZlX7dT0rP8rOM43udQf-B436KIVMk9mbEbbvZfJn16dgRxL1besL6ZDvYtH8x4DQ8NKdy6Rg-vN_c0pnrowdCTDY8ClS6z3nwW1UcWaBKFuvQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECqIXVA_ev_8j39MkciAwgc&google_cver=1&google_push=AXcoOmT-O9IID9Q9YaYlrZCihXJ_WbjA75vRnBIg5jara0xYYpZlX7dT0rP8rOM43udQf-B436KIVMk9mbEbbvZfJn16dgRxL1besL6ZDvYtH8x4DQ8NKdy6Rg-vN_c0pnrowdCTDY8ClS6z3nwW1UcWaBKFuvQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT-O9IID9Q9YaYlrZCihXJ_WbjA75vRnBIg5jara0xYYpZlX7dT0rP8rOM43udQf-B436KIVMk9mbEbbvZfJn16dgRxL1besL6ZDvYtH8x4DQ8NKdy6Rg-vN_c0pnrowdCTDY8ClS6z3nwW1UcWaBKFuvQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 228

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTpAI45bOYObPE3M4KvottA2PRRXi2I1WpwlFtZ9ePum1mEPtkwCwQcvBKSfy9GkhQGzkhp6PDqiUUX4JlihaeqnKTeK1KToaitlXGFdiWMg6DN9FxeyvIyT0G_1F5sZvf-YLCmb5Mraepme_1Mk-x6VWI&google_gid=CAESENjxc_d4osKM6cGAb3LAaNI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTpAI45bOYObPE3M4KvottA2PRRXi2I1WpwlFtZ9ePum1mEPtkwCwQcvBKSfy9GkhQGzkhp6PDqiUUX4JlihaeqnKTeK1KToaitlXGFdiWMg6DN9FxeyvIyT0G_1F5sZvf-YLCmb5Mraepme_1Mk-x6VWI&google_gid=CAESENjxc_d4osKM6cGAb3LAaNI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMTMxNjQ3NDEwMDAxODkzMzIwNTIwNg%3D%3D&google_push=AXcoOmTpAI45bOYObPE3M4KvottA2PRRXi2I1WpwlFtZ9ePum1mEPtkwCwQcvBKSfy9GkhQGzkhp6PDqiUUX4JlihaeqnKTeK1KToaitlXGFdiWMg6DN9FxeyvIyT0G_1F5sZvf-YLCmb5Mraepme_1Mk-x6VWI

Request Chain 229

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPyTXS1apoT2D_6_rWT03yY&google_cver=1&google_push=AXcoOmQsM9l60p5FfvxZJBI8pHsOiy8g8q5_IjE8LCRmPHBNXfotFTwz7gIzfTLjfQyhIA6i6hXVltdTSFXX79VxNRC8Mp12qNoIc6HJcfjTR7RrkYjX0RWloapvg3D0Kiz7kcNljda5ktZ5SExxaH95-iIuw1g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQsM9l60p5FfvxZJBI8pHsOiy8g8q5_IjE8LCRmPHBNXfotFTwz7gIzfTLjfQyhIA6i6hXVltdTSFXX79VxNRC8Mp12qNoIc6HJcfjTR7RrkYjX0RWloapvg3D0Kiz7kcNljda5ktZ5SExxaH95-iIuw1g

Request Chain 230

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDtXUVg7OA4MF7MvWvocD0M&google_cver=1&google_push=AXcoOmQ4xfEyhB5XhDudgw3k5cu1o_CxI7uhL5tUX7gBHG-2GQ08gES1ipx_XFh9R0VIkiWj0kjUXUp4AoR0zCuevAHsDHoEVULH3EwRNEKZwlbxo051mRm7TKY6TTDI2g5o6ioeqY3IbmVqwgiUpjCTf27lWGz_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ4xfEyhB5XhDudgw3k5cu1o_CxI7uhL5tUX7gBHG-2GQ08gES1ipx_XFh9R0VIkiWj0kjUXUp4AoR0zCuevAHsDHoEVULH3EwRNEKZwlbxo051mRm7TKY6TTDI2g5o6ioeqY3IbmVqwgiUpjCTf27lWGz_ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 241

https://dmg.digitaltarget.ru/1/1093/i/i?i=25562764819855.440635312732084&a=77&e=0100007FACBEA2653436EA04021A2749&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0100007FACBEA2653436EA04021A2749.sync:up.xdua:du2OgX4ONK2IRTiLsR7u1LXq.xps:xpsuvXAJZoFJSUtgJPBT9ZlUg.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1705164461777&i=25562764819855.440635312732084&a=77&e=0100007FACBEA2653436EA04021A2749&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0100007FACBEA2653436EA04021A2749.sync:up.xdua:du2OgX4ONK2IRTiLsR7u1LXq.xps:xpsuvXAJZoFJSUtgJPBT9ZlUg.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=AiCkr1gkkNKwKskFxXZQ

Request Chain 242

https://dmg.digitaltarget.ru/1/1093/i/i?i=25562764819855.525970257700874&a=77&e=0100007FACBEA2653436EA04021A2749&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0100007FACBEA2653436EA04021A2749.sync:up.xdua:du2OgX4ONK2IRTiLsR7u1LXq.xps:xpsuvXAJZoFJSUtgJPBT9ZlUg.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1705164461773&i=25562764819855.525970257700874&a=77&e=0100007FACBEA2653436EA04021A2749&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0100007FACBEA2653436EA04021A2749.sync:up.xdua:du2OgX4ONK2IRTiLsR7u1LXq.xps:xpsuvXAJZoFJSUtgJPBT9ZlUg.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=qCZlRT9kkU0a5iOFp.-p

273 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.dwar.php Show response
www.paladiny.ru/
Redirect Chain

http://www.paladiny.ru/
http://www.paladiny.ru/index.dwar.php

60 KB
15 KB

293ms
292ms

Document
text/html

146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 5e7e0351e1cb404be993cebab8a673f07e7fc85486b3af80ab8afd9f546d7ec8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 15250
Content-Type: text/html; charset=CP1251
Date: Sat, 13 Jan 2024 16:47:39 GMT
Server: nginx/1.9.2
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.29-1~dotdeb.0

Redirect headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 20
Content-Type: text/html; charset=CP1251
Date: Sat, 13 Jan 2024 16:47:39 GMT
Location: http://www.paladiny.ru/index.dwar.php
Server: nginx/1.9.2
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.29-1~dotdeb.0

GET
H/1.1 200
OK main.css
www.paladiny.ru/js/ 8 KB
8 KB 14ms
14ms Stylesheet
text/css 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paladiny.ru/js/main.css
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 36d71a4322b43e8bc7f079e0e9ff676e97ac8af955332e30de9d513e0ca8b861

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:32:27 GMT
Server: nginx/1.9.2
ETag: "4865080b-1e84"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7812

GET
H/1.1 200
OK logo.jpg
www.paladiny.ru/pics/ 23 KB
23 KB 28ms
14ms Image
image/jpeg 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/logo.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: da3aac110278116dac2ac2359465f8c511d12cee712ca74e828350e891c92846

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:18 GMT
Server: nginx/1.9.2
ETag: "4865087a-5ac8"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23240

GET
H/1.1 200
OK pob.gif
www.paladiny.ru/pics/ 1 KB
1 KB 29ms
14ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/pob.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: d251101f3039f702bd870b1e4ae92addc42f895f3f9699f0d1341aaed075c47f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:22 GMT
Server: nginx/1.9.2
ETag: "4865087e-4eb"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1259

GET
H/1.1 200
OK tmbg.gif
www.paladiny.ru/pics/ 148 B
384 B 14ms
14ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/tmbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 487238b9c9c6d7ade7161ece3909d28315189cddd05644fd918b5b7dc40b0929

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:40:23 GMT
Server: nginx/1.9.2
ETag: "486509e7-94"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 148

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
54 KB 87ms
67ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f5895f20f4c9c3da14b56c49a3cd1c40152df4f61a6c2561d6ea3e069124ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54442
X-XSS-Protection: 0
Server: cafe
ETag: 13742637639790990009
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires: Sat, 13 Jan 2024 16:47:39 GMT

GET
H/1.1 200
OK spacer.gif
www.paladiny.ru/pics/ 43 B
278 B 16ms
13ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/spacer.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 74e51ad76a9c144a79ddce4488618495769b9c3af5b6ff4651315545850ae3a2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:40:21 GMT
Server: nginx/1.9.2
ETag: "486509e5-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H/1.1 200
OK lmli.gif
www.paladiny.ru/pics/ 104 B
340 B 26ms
14ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmli.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 46612b2c33d8502a26bef927b364c85ba1bd5e8c9491bb9c369ec9d8900682ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:16 GMT
Server: nginx/1.9.2
ETag: "48650878-68"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104

GET
H/1.1 200
OK lmenurt.gif
www.paladiny.ru/pics/ 281 B
518 B 27ms
15ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmenurt.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: e2ed7d372b4df9b6132f8bc5ee9534994a37790e9f8612c89de3131ac0a3ee76

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:16 GMT
Server: nginx/1.9.2
ETag: "48650878-119"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 281

GET
H/1.1 200
OK txttbg.gif
www.paladiny.ru/pics/ 1 KB
1 KB 17ms
17ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/txttbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: cfdbae1c302cf3e3cf68a0b9a049503fbec2165e1ee9b783bc67b7c4deb657c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:40:24 GMT
Server: nginx/1.9.2
ETag: "486509e8-453"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1107

GET
H/1.1 200
OK dwar.gif
www.paladiny.ru/pics/cities/verysmall/ 1 KB
1 KB 16ms
14ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/cities/verysmall/dwar.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 82a243f1185d308e2b5425cb7870d71365d75c741f0bd146be301110ca1bb471

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:01 GMT
Server: nginx/1.9.2
ETag: "48650869-40c"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1036

GET
H/1.1 200
OK player_info.gif
www.paladiny.ru/images/ 122 B
358 B 14ms
14ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/player_info.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 11011bbf0d3cb26e0fceafca878f9b4c4f2e6f8c9c3a16ac3596bf728a9e13aa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:39 GMT
Server: nginx/1.9.2
ETag: "4865079f-7a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122

GET
H/1.1 200
OK 8833478.gif
www.paladiny.ru/images/data/clans/ 547 B
784 B 17ms
15ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/data/clans/8833478.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: cec8daa3247004d679962186c0e4ab619a2e2e268be83a9f0e30a63941fed980

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:20:47 GMT
Server: nginx/1.9.2
ETag: "4865054f-223"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 547

GET
H/1.1 200
OK 5501173.gif
www.paladiny.ru/images/data/clans/ 570 B
807 B 14ms
13ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/data/clans/5501173.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 467da83dd32db97c82e624d9023508f35a223e803d50551c6aa8efe5600f44f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Mon, 09 Feb 2009 12:35:51 GMT
Server: nginx/1.9.2
ETag: "49902327-23a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 570

GET
H/1.1 200
OK victory.gif
www.paladiny.ru/pics/smiles/2/ 3 KB
3 KB 14ms
13ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/smiles/2/victory.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 6b9159f40e567f25875eea66a419bac05adb855287a6a5ea89db394abbc3c12e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:36:49 GMT
Server: nginx/1.9.2
ETag: "48650911-a01"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2561

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 2 KB
2 KB 20ms
19ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fpaladiny.ru%2Fpics%2Fbuttons%2FRU%2Fupdate_8.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: c664d5978cf581aed82573b3aa67871eafed5cbab4a9fa2b606d24d0fb849aee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:39 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 1911
Expires: Sat, 13 Jan 2024 16:47:39 GMT

GET
H/1.1 200
OK inf.gif
www.paladiny.ru/images/dwar/ 122 B
358 B 21ms
20ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/dwar/inf.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 11011bbf0d3cb26e0fceafca878f9b4c4f2e6f8c9c3a16ac3596bf728a9e13aa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:20:50 GMT
Server: nginx/1.9.2
ETag: "48650552-7a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 2 KB
2 KB 120ms
119ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fpaladiny.ru%2Fpics%2Fbuttons%2FRU%2Fupdate_5.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 8c1e06daa0635ddc986efacf5d8d75e0bd042630b25ff3ff89a016eea620d5fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:39 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 1922
Expires: Sat, 13 Jan 2024 16:47:39 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 1019ms
603ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2Fqst_osk_vozd_1.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 6928d950213d68037a85890346f61be7cac1532a37a3ff788bb2c2bfc9aefe2b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:40 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3070
Expires: Sat, 13 Jan 2024 16:47:40 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 2015ms
598ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2Fqst_osk_voda_1.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: d4dc068700802f1a3ff3f640e249a537e3c10deefd2fd33fb614bc1c5f022f8c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:41 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3040
Expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 2115ms
572ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2Fqst_osk_svet_1.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 9c98d0d06e9875cb3b2b2550bd6bf077c4a30952e60d20e72ca59c6df4627d1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:41 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 2946
Expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 1537ms
621ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2Fqst_osk_ogon_1.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 664cd053448edad7c51b1a5e024c9ae8b9f727593d023864b99d9b909ed48c2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:41 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 2921
Expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 1715ms
594ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2Fqst_osk_zem_1.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 4227347d816335bc568470d0c065ce379f906fca2214f5b210d6ac32f0f1cf81

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:41 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3121
Expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 720ms
534ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2Fqst_osk_ten_1.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 07bcf6f000a5d0e894101001323f067a0132fe8c065218e55a54b4c44b892632

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:40 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3057
Expires: Sat, 13 Jan 2024 16:47:40 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
4 KB 1619ms
599ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2Fqst_oprava_stix.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 4909f41909ddc2270c51040c1b2548c64696cb652fa9348221b3cf52c38df337

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:41 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3380
Expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 815ms
599ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2F50867_am_vozduh.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: b8799aee68c4e47eaebfb86799362bd4dd73a199d661a0d6838d3e83cacbdec4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:40 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3298
Expires: Sat, 13 Jan 2024 16:47:40 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 916ms
603ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2F50867_am_voda.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: aad4d0b19ec249e3b35d8a085b29ed2e9b84388e511ea5dbb31df9e1d1a18ae6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:40 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3184
Expires: Sat, 13 Jan 2024 16:47:40 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
4 KB 1416ms
600ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2F50867_am_svet.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 6c7bd67d4e974ad78e9c8f024603ef0c1bd0ae2f5d8b1fe68e058be32a748bdc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:41 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3362
Expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 1218ms
599ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2F50867_am_ogon.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 2611916f938882a3b2abbffb2ca0af48b22dbdb42bac519fe4c5962f7715ecdf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:40 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3201
Expires: Sat, 13 Jan 2024 16:47:40 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 1920ms
603ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2F50867_am_zeml.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 692050722f9a8d3f195948f6f6611f678ca177e029da1d1c3138fd04a2d19d05

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:41 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3302
Expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 1815ms
596ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2F50867_am_ten.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: e21dd1f07b60c27a6658e8d07e62973b6efeb112eb512741d58fe5fa72a301d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:41 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3231
Expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H/1.1

200
OK

240809_runa_fev.gif
w2.dwar.ru/images/data/artifacts/
Redirect Chain

http://www.paladiny.ru/go?http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif
http://www.paladiny.ru/go/?http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif
http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif

5 KB
5 KB

57ms
56ms

Image
image/gif

178.22.89.12
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 178.22.89.12 Moscow, Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: dragon63.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: 84c778ec8e53f897b7ed92b2e556a04229ffdcfc65a53c42d7fb2654d359c83b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:42 GMT
Last-Modified: Tue, 13 Apr 2010 07:03:25 GMT
Server: nginx/1.17.4
ETag: "4bc4173d-1246"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4678
Expires: Sat, 20 Jan 2024 16:47:42 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:42 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

7937_fev_blue.gif
w2.dwar.ru/images/data/artifacts/
Redirect Chain

http://www.paladiny.ru/go?http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif
http://www.paladiny.ru/go/?http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif
http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif

5 KB
5 KB

189ms
130ms

Image
image/gif

178.22.89.12
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 178.22.89.12 Moscow, Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: dragon63.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: d9a646084d08615946bbce7d4b06dfe8e6bed44733e42aaf03cd3e564a6a4b7c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:42 GMT
Last-Modified: Thu, 29 Apr 2010 13:39:08 GMT
Server: nginx/1.17.4
ETag: "4bd98bfc-1245"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4677
Expires: Sat, 20 Jan 2024 16:47:42 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:42 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

mailru.gif
w2.dwar.ru/info/images/
Redirect Chain

http://www.paladiny.ru/go?http://w2.dwar.ru/info/images/mailru.gif
http://www.paladiny.ru/go/?http://w2.dwar.ru/info/images/mailru.gif
http://w2.dwar.ru/info/images/mailru.gif

3 KB
3 KB

183ms
117ms

Image
image/gif

178.22.89.12
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w2.dwar.ru/info/images/mailru.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 178.22.89.12 Moscow, Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: dragon63.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: d76a1715a5e2fd386a0fa2eeb08818d38eb8069a689f5e3d78b93f6dd8b0f060

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:42 GMT
Last-Modified: Mon, 21 Dec 2009 13:00:02 GMT
Server: nginx/1.17.4
ETag: "10009083190-a8a-47b3caae17880"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2698
Expires: Sat, 20 Jan 2024 16:47:42 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:41 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w2.dwar.ru/info/images/mailru.gif
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

40369_3_18_ezdovoj_volk2.jpg
w1.dwar.ru/images/data/bots/
Redirect Chain

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg
http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg

119 KB
119 KB

192ms
120ms

Image
image/jpeg

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: a9545d5aaaffeaa1d0c5e92529a2e1b3ac276c1ab9f2201e5a4d6aecf31d662b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Last-Modified: Fri, 21 May 2010 13:01:22 GMT
Server: nginx/1.17.4
ETag: "4bf68422-1db25"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 121637
Expires: Sat, 20 Jan 2024 16:47:43 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:42 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

40371_0_18_nosorog2.jpg
w1.dwar.ru/images/data/bots/
Redirect Chain

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg
http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg

128 KB
129 KB

166ms
111ms

Image
image/jpeg

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: fd4424b11c227abdf21fecb2be1ba5d1ce2ebbe9018378a40ea62c062401cf04

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Last-Modified: Fri, 21 May 2010 08:41:28 GMT
Server: nginx/1.17.4
ETag: "4bf64738-2012c"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 131372
Expires: Sat, 20 Jan 2024 16:47:43 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:42 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

40374_3_18_pantera2.jpg
w1.dwar.ru/images/data/bots/
Redirect Chain

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg
http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg

109 KB
109 KB

151ms
101ms

Image
image/jpeg

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: 18863edc17d105efe80f3ca8d2833dcbac289e1de33d7bb2ecfb53a4a2136b11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Last-Modified: Thu, 13 May 2010 12:30:59 GMT
Server: nginx/1.17.4
ETag: "4bebf103-1b223"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111139
Expires: Sat, 20 Jan 2024 16:47:43 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

44064_grum_up_book.gif
dwar.ru/images/data/artifacts/
Redirect Chain

http://www.paladiny.ru/go?http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif
http://www.paladiny.ru/go/?http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif
http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif

3 KB
4 KB

388ms
115ms

Image
image/gif

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: 9f20d1e58609e8d73a77c16bf2ff3a53b87439cfd537dff3bd344c86b400d760

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Last-Modified: Tue, 18 May 2010 06:45:28 GMT
Server: nginx/1.17.4
ETag: "4bf23788-d13"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3347
Expires: Sat, 20 Jan 2024 16:47:43 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

44064_end_up_book.gif
dwar.ru/images/data/artifacts/
Redirect Chain

http://www.paladiny.ru/go?http://dwar.ru/images/data/artifacts/44064_end_up_book.gif
http://www.paladiny.ru/go/?http://dwar.ru/images/data/artifacts/44064_end_up_book.gif
http://dwar.ru/images/data/artifacts/44064_end_up_book.gif

3 KB
4 KB

289ms
116ms

Image
image/gif

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dwar.ru/images/data/artifacts/44064_end_up_book.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: b4b64eb2181cf8894c2e85c0c757bdcd346d6274fc3b2a8a450abc9717c571ac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Last-Modified: Tue, 18 May 2010 06:45:17 GMT
Server: nginx/1.17.4
ETag: "4bf2377d-d0a"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3338
Expires: Sat, 20 Jan 2024 16:47:43 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://dwar.ru/images/data/artifacts/44064_end_up_book.gif
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

44064_shan_up_book.gif
dwar.ru/images/data/artifacts/
Redirect Chain

http://www.paladiny.ru/go?http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif
http://www.paladiny.ru/go/?http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif
http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif

3 KB
4 KB

204ms
123ms

Image
image/gif

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: 6757a794295d7c879b85d298940e47ba17ba94d73399101b1eb90081f703783f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Last-Modified: Tue, 18 May 2010 06:45:00 GMT
Server: nginx/1.17.4
ETag: "4bf2376c-d5e"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3422
Expires: Sat, 20 Jan 2024 16:47:43 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

stareyshina_human2.jpg
w1.dwar.ru/images/data/npcs/
Redirect Chain

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg
http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg

11 KB
11 KB

50ms
50ms

Image
image/jpeg

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: 0e5dd0968f7537aa57747c32f3a41751961bb82b27cee5d9562197c02db5324f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Last-Modified: Thu, 14 Jun 2007 07:55:24 GMT
Server: nginx/1.17.4
ETag: "4670f46c-2a96"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10902
Expires: Sat, 20 Jan 2024 16:47:43 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK human.gif
www.paladiny.ru/images/dwar/ 1015 B
1 KB 14ms
13ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/dwar/human.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 213bb8cd33e8de49166a067eaa45fdd8b1649e3df576b4a1c43151e31c474fe4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Last-Modified: Fri, 27 Jun 2008 15:20:49 GMT
Server: nginx/1.9.2
ETag: "48650551-3f7"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1015

GET
H/1.1 200
OK magmar.gif
www.paladiny.ru/images/dwar/ 591 B
828 B 14ms
13ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/dwar/magmar.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: f930cf40c417e13546aac7229e5855de567565e4c2428bef6f7f9af21cb60d90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Last-Modified: Fri, 27 Jun 2008 15:20:51 GMT
Server: nginx/1.9.2
ETag: "48650553-24f"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 591

GET
H/1.1

200
OK

stareyshina_magmar.jpg
w1.dwar.ru/images/data/npcs/
Redirect Chain

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg
http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg

12 KB
12 KB

50ms
50ms

Image
image/jpeg

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: 9f2c57e3715b87f2abe5a04e67385cacb2a05d59ab1199a9913e5cd808f32f3b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:44 GMT
Last-Modified: Tue, 16 Oct 2007 13:08:49 GMT
Server: nginx/1.17.4
ETag: "4714b7e1-2e13"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11795
Expires: Sat, 20 Jan 2024 16:47:44 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 198 KB
198 KB 296ms
296ms Image
image/png 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fw1.dwar.ru%2Finfo%2Fpictures%2Fimage%2Fguild_human.png
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: b6c3cc61662396e5e69e08cae9a8bf73a62ffe433545c0d1783a30ac5a761e6a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png
Date: Sat, 13 Jan 2024 16:47:43 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 202603
Expires: Sat, 13 Jan 2024 16:47:43 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 188 KB
189 KB 318ms
318ms Image
image/png 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fw1.dwar.ru%2Finfo%2Fpictures%2Fimage%2Fguild_magm.png
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 6400a39fde3f088e724fa23ed2713c7bddd7e040887f160a1f10879de799b07e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png
Date: Sat, 13 Jan 2024 16:47:43 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 193013
Expires: Sat, 13 Jan 2024 16:47:43 GMT

GET
H/1.1 200
OK 95.png
www.paladiny.ru/images/magic/clans/ 3 KB
4 KB 14ms
14ms Image
image/png 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/magic/clans/95.png
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 769bcb8ae106f95598a693f66f8798cf3b52047ab7b1b7ff53a9077d1564a711

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:43 GMT
Last-Modified: Thu, 08 Jul 2010 14:19:03 GMT
Server: nginx/1.9.2
ETag: "4c35de57-d6e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3438

GET
H/1.1

200
OK

vodolaz_170210.jpg
w1.dwar.ru/images/data/bots/
Redirect Chain

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg
http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg

101 KB
102 KB

51ms
50ms

Image
image/jpeg

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: 0f883456ac7a160704cba073537061e2cc7cacffb5367ec79e9823ac37a25441

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:44 GMT
Last-Modified: Wed, 17 Feb 2010 13:00:57 GMT
Server: nginx/1.17.4
ETag: "4b7be889-195ce"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103886
Expires: Sat, 20 Jan 2024 16:47:44 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:44 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 12 KB
12 KB 580ms
580ms Image
image/jpeg 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fw1.dwar.ru%2Fimages%2Fdata%2Fnpcs%2FShearaNPC.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: b9d3550ec6290d4577c10314a6b5580fd0e7415bc9e3ad3dc7d439621b3d2c37

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/jpeg
Date: Sat, 13 Jan 2024 16:47:44 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 11917
Expires: Sat, 13 Jan 2024 16:47:44 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 94 B
317 B 450ms
449ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=5&I=glg_adm
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 20ff99e448fa1b08900e977609bd2a57537c99e7f190c1fc3549f778e1b5f879

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:44 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 94
Expires: Sat, 13 Jan 2024 16:47:44 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 4 KB
4 KB 548ms
548ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fw1.dwar.ru%2Fimages%2Fdata%2Fachievements%2Frep_gorodskaya2.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: e343b922783a7d473723eddf5276b370eac4f61f63aa09b4e9c675818619a5d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:44 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3623
Expires: Sat, 13 Jan 2024 16:47:44 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 506ms
506ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fw1.dwar.ru%2Fimages%2Fdata%2Fartifacts%2Fres_panc_dinihtis.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 1e97ec018a5a500f1b8046e66a18155ab2db29f2f63dad606a443b1196f83216

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:44 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3223
Expires: Sat, 13 Jan 2024 16:47:44 GMT

GET
H2

200

top100.jcn Show response
counter.rambler.ru/
Redirect Chain

http://counter.rambler.ru/top100.jcn?1449916
https://counter.rambler.ru/top100.jcn?1449916

118 KB
119 KB

244ms
136ms

Script
application/javascript

81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.rambler.ru/top100.jcn?1449916
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: 37881ae5efaa53b3231ecc5131134ffb7703e8c0f59fa5a1eb3ed70adc9a3473

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: application/octet-stream, application/javascript
date: Sat, 13 Jan 2024 16:47:40 GMT
server: nginx
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

Redirect headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://counter.rambler.ru/top100.jcn?1449916
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 164

GET
H2 200 5291.js Show response
cdn-rtb.sape.ru/teasers/js/291/2/ 104 KB
43 KB 333ms
210ms Script
application/javascript 185.12.127.130
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/teasers/js/291/2/5291.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.12.127.130 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

Software

openresty /

Resource Hash

1fb97f456dbe39ced7befd497425fcfa3eecdc38504fba0e353b47a490a56e97

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:39 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 13 Jan 2024 15:58:44 GMT
server: openresty
x-amz-request-id: 17A9F52325AE76B0
etag: W/"80b85f3d0d9f0364e2cbc7424e67c24c"
x-cache-status: HIT
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=3600
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 17:47:39 GMT

GET
H/1.1 200
OK orden.gif
www.paladiny.ru/pics/ 734 B
971 B 14ms
13ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/orden.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: aba4852dfc7b5f2bafef02200c329f1cb1ae85786eb6c359efc8b05bc3b2e59f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:20 GMT
Server: nginx/1.9.2
ETag: "4865087c-2de"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 734

GET
H/1.1 200
OK dbg.gif
www.paladiny.ru/pics/ 1 KB
1 KB 1634ms
14ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/dbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: ae1401ab4ddd9845a325bf809e93499c7d8bc0a52e8f032f206da67272aabcc0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:41 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:04 GMT
Server: nginx/1.9.2
ETag: "4865086c-447"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1095

GET
H/1.1 200
OK new.gif
www.paladiny.ru/images/ 3 KB
3 KB 16ms
16ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/new.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 0e10f07e21bdc3acceb8b6163bc8d6f749147a15abde39f6d65f5eae72d4e404

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:34 GMT
Server: nginx/1.9.2
ETag: "4865079a-a8a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2698

GET
H/1.1 200
OK apo_cvet.gif
www.paladiny.ru/images/img/klan/ 2 KB
2 KB 39ms
16ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/img/klan/apo_cvet.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 4e0f1cb81072fca61fa7f3bd64686888ed3b58e76940dc878de87f4ae51f5c64

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:31 GMT
Server: nginx/1.9.2
ETag: "48650797-6e5"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1765

GET
H/1.1 200
OK inf3.gif
www.paladiny.ru/images/img/ 76 B
311 B 55ms
13ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/img/inf3.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: d86f06fa78fa503f1cdf2c9de099f9e691871af0f4c05b10c2bc32399e4b8a48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:29 GMT
Server: nginx/1.9.2
ETag: "48650795-4c"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 334 B
558 B 215ms
192ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=3&I=1.9_vet
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 57d71b72317038d6bba7a8d12bbcf44969a75ac2da004911f803e1010ef5c79c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:39 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 334
Expires: Sat, 13 Jan 2024 16:47:39 GMT

GET
H/1.1 200
OK inf0.gif
www.paladiny.ru/images/img/ 78 B
313 B 135ms
15ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/img/inf0.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 40ed9971456e7552b7bcc66b4a048f01579b9c058293947df3abf9e23ce7e34c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:27 GMT
Server: nginx/1.9.2
ETag: "48650793-4e"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78

GET
H/1.1 200
OK inf5.gif
www.paladiny.ru/images/img/ 78 B
313 B 184ms
14ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/img/inf5.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 556f5f52b8aefd4caa5e44b22b6f5be1b9fa9a66cedd040244594ccbb3016479

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:30 GMT
Server: nginx/1.9.2
ETag: "48650796-4e"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 334 B
558 B 515ms
473ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=3&I=1.7_vet
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 070e94d6a0af14fc9fb82cf1c616b324c4cd508ec215667c80080663b06bdb0c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:40 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 334
Expires: Sat, 13 Jan 2024 16:47:40 GMT

GET
H/1.1 200
OK inf2.gif
www.paladiny.ru/images/img/ 76 B
311 B 150ms
13ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/img/inf2.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 4352e17e29cc43306f11c9e6d6e652a9bdad95b7469dea705d85d31a38089bf9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:29 GMT
Server: nginx/1.9.2
ETag: "48650795-4c"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 334 B
558 B 415ms
373ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=3&I=1.5_vet
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 082213dd11b283471559bdd96f0d8e4d3271e4cf891bb043ff40d1214425e306

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:40 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 334
Expires: Sat, 13 Jan 2024 16:47:40 GMT

GET
H/1.1 200
OK inf4.gif
www.paladiny.ru/images/img/ 76 B
311 B 167ms
15ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/img/inf4.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 77533c4f2b45519cfbaeac82d28c2c6ecb5e5106dedf6a45794f06c00051b5c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:29 GMT
Server: nginx/1.9.2
ETag: "48650795-4c"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 363 B
587 B 619ms
562ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=3&I=1.92_vet
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 10832e5bb99c670b86b3674ce3ff3982dc5819b970f36262ab117641835fea7f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 13 Jan 2024 16:47:40 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 363
Expires: Sat, 13 Jan 2024 16:47:40 GMT

GET
H/1.1 200
OK topbg.gif
www.paladiny.ru/pics/ 2 KB
2 KB 15ms
14ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/topbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 9136d411ae25e3b6095f96a4dd7a8e6e88d42af73d49bf7f447a53cf494913dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:40:24 GMT
Server: nginx/1.9.2
ETag: "486509e8-911"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2321

GET
H/1.1 200
OK loginbg.jpg
www.paladiny.ru/pics/ 5 KB
5 KB 38ms
15ms Image
image/jpeg 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/loginbg.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: fd7bd8899129d916ffbfa0b67e14f6dde1fd46008f042ef00dfbd7dd99361511

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:16 GMT
Server: nginx/1.9.2
ETag: "48650878-137a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4986

GET
H/1.1 200
OK lmenubg.gif
www.paladiny.ru/pics/ 75 B
310 B 16ms
15ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmenubg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: f1533d88066cf986a9dd24c2ada9e9386cbdd29793e1448af235bac55a16dbb0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:14 GMT
Server: nginx/1.9.2
ETag: "48650876-4b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75

GET
H/1.1 200
OK lmenuhbg.gif
www.paladiny.ru/pics/ 3 KB
4 KB 38ms
14ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmenuhbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: a13fa404297bf52896c2e3ddda49891e7f23c268d43a1cf04a03a2b02e32ad54

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:14 GMT
Server: nginx/1.9.2
ETag: "48650876-d30"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3376

GET
H/1.1 200
OK lmenurbg.gif
www.paladiny.ru/pics/ 63 B
298 B 40ms
16ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmenurbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: df1c3706de99045e28932083d74815c3bc1330c57de9c861e5f4e5de88ae70e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:15 GMT
Server: nginx/1.9.2
ETag: "48650877-3f"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63

GET
H/1.1 200
OK blbg.gif
www.paladiny.ru/pics/ 562 B
799 B 17ms
16ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/blbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/js/main.css
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: c5da2474740f8762021661a2d791f5d348e1109d60b0b11c319bddb16d089836

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/js/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:39 GMT
Last-Modified: Fri, 27 Jun 2008 15:33:14 GMT
Server: nginx/1.9.2
ETag: "4865083a-232"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 562

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 402 KB
137 KB 151ms
96ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5035092129732437&plah=www.paladiny.ru

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

810f042c00a2c0e83fca38177e28911f4e99e764c4db430245b0689999bc77dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139380
x-xss-protection: 0
server: cafe
etag: 7201351830230147836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 16:47:39 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 869F 9 KB
4 KB 78ms
20ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 54505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 01:39:14 GMT
etag: 9219409622527106327
expires: Sat, 27 Jan 2024 01:39:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C100 24 KB
11 KB 539ms
538ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=600&slotname=1332047107&adk=1460880071&adf=2290519548&pi=t.ma~as.1332047107&w=160&lmt=1705164460&format=160x600&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&wgl=1&dt=1705164459885&bpp=2&bdt=263&idt=302&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=6926956670417&frm=20&pv=2&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=309

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5035092129732437&plah=www.paladiny.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2674eff5653596ce98f9bfa4b31830358d221df49b9dca5c7426b9589c8013e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11072
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:47:40 GMT
expires: Sat, 13 Jan 2024 16:47:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 595 B
1 KB 126ms
115ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=1449916&session_id=427201643_1705164460229&session_number=1&session_event_number=1&version=3.15.1i&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.1449916.710798782.1705164460228&adtech_uid=4df32a7c-3bc0-48aa-bc75-14f6c9305d5e&adtech_uid_scope=paladiny.ru&fingerprint=pA8AAENKs1eq0%2F7tAWCRHwA%3D&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&request_id=1705164460.228-339535785&event_id=144544602308639&meta=%7B%22title%22%3A%22%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%22-60%22%7D&rn=2063808425
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: 16a992224a960c618cc1c18e44a4b6301a665cad4039374421247a353bd9db75

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
server: nginx
x-srv: 1kraken-prod0002.ad.rambler.tech
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 595

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

http://d4.c1.b4.a1.top.list.ru/counter?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6940939893508644
https://top-fwz1.mail.ru/counter?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6940939893508644;ver=30
https://top-fwz1.mail.ru/counter2?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6940939893508644;ver=30

584 B
1 KB

56ms
56ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6940939893508644;ver=30

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

ac2646f4de595bcabd0abe22a0a8b7ce22c9eb2d8c42c8fab6a0e53c80650878

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 584
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Sat, 13 Jan 2024 16:47:40 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.6940939893508644;ver=30
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 aci.js Show response
www.acint.net/ 30 KB
9 KB 182ms
68ms Script
application/x-javascript 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/291/2/5291.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: d9453129c16b0215069d80e4b526c0546b259fae8d615e1b3aa775a8d76bac57

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
content-encoding: gzip
last-modified: Thu, 11 Jan 2024 07:27:24 GMT
server: openresty
etag: "659f985c-2238"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 8760
expires: Sun, 14 Jan 2024 04:47:40 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A027 327 KB
93 KB 545ms
542ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&adk=1812271804&adf=3025194257&lmt=1705164460&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&dt=1705164460233&bpp=3&bdt=611&idt=3&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

528da13c7f7aaa99ff1c71ef80f1a62b2075b8de903ef9c873d34532496ee13b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 94719
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:47:40 GMT
expires: Sat, 13 Jan 2024 16:47:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 29 B
712 B 786ms
664ms Script
application/javascript 193.3.184.211
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_65a2beac3_9344077&srtbid=5291&scids=161201908,164073619&sx=1600&sy=3836&ref=&u=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&allimps=1&fl=0&v=3&tz=%2B01%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/291/2/5291.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.211 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: 2597e70b3392039de3923e17b5291442716bda6577bb117516200a325df816d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:41 GMT
Content-Encoding: gzip
Server: openresty
X-YaTraceId: b0655d6f9c41446aa5dcdb8ff92d3ce2
X-YaRequestId: 8dd82c4bf6f34ddfb5309ec338e26969
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
X-YaSpanId: 5af6d0882b948ecf
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 49
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 157 KB
56 KB 269ms
154ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/291/2/5291.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

fc0b834cbf1da15b1db4164eb42b2378ad6e5539a20f9e946f63b3e2cd0c024d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-dd84"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 56708
expires: Sat, 13 Jan 2024 17:47:40 GMT

GET
H/1.1 200
OK ymcode Show response
ssp-rtb.sape.ru/ 36 B
529 B 176ms
55ms Script
text/html 193.3.184.211
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/ymcode?callback=sapeRTB_65a2beac3_77680024
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/291/2/5291.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.211 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: de995f7235ae0eda88052417f972cf26f9fac1f36014c93a8bd67827b75107ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:40 GMT
Content-Encoding: gzip
Server: openresty
X-YaTraceId: 615817112826496a98d6d57878a61870
X-YaRequestId: 6f4e187c57fb4382a544f7510292ab7f
Access-Control-Allow-Methods: GET
Content-Type: text/html
Access-Control-Allow-Origin: *
X-YaSpanId: 9016383b6050e199
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 56
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
340 B 211ms
112ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A1534%7D&sid=65a2beac-3ba5-e402-nx3k-5wmduhtb6aeh&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1705164460
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
342 B 165ms
66ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A13499%2C%22ev%22%3A%22loadFree%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=65a2beac-3ba5-e402-nx3k-5wmduhtb6aeh&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1705164460
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
340 B 165ms
66ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=5291.13499.161201908.0.0.0&sid=65a2beac-3ba5-e402-nx3k-5wmduhtb6aeh&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1705164460
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
340 B 166ms
67ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A13499%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=65a2beac-3ba5-e402-nx3k-5wmduhtb6aeh&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1705164460
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
340 B 100ms
97ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A692898%2C%22ev%22%3A%22loadFree%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=65a2beac-3ba5-e402-nx3k-5wmduhtb6aeh&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1705164460
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
341 B 99ms
98ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=5291.692898.164073619.0.0.0&sid=65a2beac-3ba5-e402-nx3k-5wmduhtb6aeh&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1705164460
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
341 B 99ms
99ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A692898%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=65a2beac-3ba5-e402-nx3k-5wmduhtb6aeh&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1705164460
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 / Show response
www.acint.net/mc/ Frame D8E9 5 KB
5 KB 66ms
66ms Document
text/html 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=14
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: 0d4f42be14e9b694cd621a7a619326f761b282d2906e6261640063911fb0f394

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sat, 13 Jan 2024 16:47:40 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

GET
H2 200 oci.js Show response
www.acint.net/ 31 KB
14 KB 61ms
61ms Script
application/x-javascript 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/oci.js?t=1705164460463
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: 715eb6848028b84fa69bd9f38a9e3a52876e36538b42082b94754536e0a720cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
content-encoding: gzip
last-modified: Mon, 09 Jan 2023 08:01:12 GMT
server: openresty
etag: W/"63bbc9c8-7dac"
content-type: application/x-javascript

GET
H2 200 /
www.acint.net/hit/ 43 B
224 B 66ms
65ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.7.0&uid=7efe1859-882a-41ca-976f-102f3d606c7b&dp=14&tz=%2B01%3A00&nc=919597&u=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=&rs=1600x1200&t=%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&oE=1&oP=1&dT=2024-01-13T17%3A47%3A40.461&fu=dc0c3e3c-7e05-4750-b0b9-a65687003452
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame D8E9
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=5303420AACBEA26534022FBA021391B5

43 B
269 B

78ms
72ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=5303420AACBEA26534022FBA021391B5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:40 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=5303420AACBEA26534022FBA021391B5
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame D8E9
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007FACBEA2653436EA04021A2749
https://px.adhigh.net/p/cm/sape?u=0100007FACBEA2653436EA04021A2749&bounced=1
https://acint.net/match?dp=17&euid=u5OFywgnVlCN.AikABlGNA7jS7A

43 B
269 B

55ms
55ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=u5OFywgnVlCN.AikABlGNA7jS7A
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
server: nginx
x-backend-id: f19-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://acint.net/match?dp=17&euid=u5OFywgnVlCN.AikABlGNA7jS7A
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame D8E9
Redirect Chain

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4864240584
https://www.acint.net/rmatch?dp=45&euid=AkYqrQEuJdXD0PNhA7LvEYg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FACBEA2653436EA04021A2749

42 B
201 B

73ms
73ms

Image
image/gif

81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FACBEA2653436EA04021A2749
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:41 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Sat, 13 Jan 2024 16:47:41 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FACBEA2653436EA04021A2749
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame D8E9 0
752 B 95ms
41ms Image
text/plain 2606:4700:20::ac43:4ab4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=8&id=0100007FACBEA2653436EA04021A2749
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ab4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSB%2FQW%2FCB%2FbtEBCuI0lyaMd7MT1j2qEga%2BekoBBcdFiwQXw4TpkkOSXCBv8evZfucGFGXthKXMIyHBQo1%2BhvJ3Zf2hjscZYa2TXC4DpNRt6DZ%2Bu6hb8h5Ul9FrTRKRYYuXL0ohmC8rIKEw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 844f1f56f80b693a-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 204 match
dm-eu.hybrid.ai/ Frame D8E9 0
282 B 57ms
16ms Image
text/plain 37.230.131.22
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007FACBEA2653436EA04021A2749

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.22 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://www.acint.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 535
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame D8E9 3 KB
3 KB 236ms
58ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:40 GMT
Last-Modified: Sat, 13 Jan 2024 16:34:18 GMT
Server: nginx
ETag: "65a2bb8a-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame D8E9 0
69 B 228ms
52ms Image
text/plain 195.201.57.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007FACBEA2653436EA04021A2749
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.57.28 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.57.201.195.clients.your-server.de
Software: nginx/1.17.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 13 Jan 2024 16:47:40 GMT
server: nginx/1.17.0

GET
H2

200

match
acint.net/ Frame D8E9
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://www.acint.net/match?dp=71&euid=6bff403d-d9f8-4c38-b111-ff0ea11496ec
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14
https://acint.net/match?dp=14&euid=5303420AACBEA26534022FBA021391B5

43 B
269 B

67ms
67ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=5303420AACBEA26534022FBA021391B5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:40 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=5303420AACBEA26534022FBA021391B5
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame D8E9
Redirect Chain

https://s.ccsyncuuid.net/match/5/?remote_uid=0100007FACBEA2653436EA04021A2749
https://acint.net/match?dp=80&euid=lpY8IC9RzZbjsF4Dnh53

43 B
269 B

60ms
59ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=80&euid=lpY8IC9RzZbjsF4Dnh53
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=80&euid=lpY8IC9RzZbjsF4Dnh53
date: Sat, 13 Jan 2024 16:47:40 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame D8E9 42 B
201 B 317ms
71ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FACBEA2653436EA04021A2749
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:40 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame D8E9
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=EMQQPUKL

43 B
269 B

56ms
56ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=EMQQPUKL
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=95&euid=EMQQPUKL
date: Sat, 13 Jan 2024 16:47:40 GMT
server: nginx/1.22.0
content-length: 74
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame D8E9
Redirect Chain

https://sync.adspend.space/sape?uid=0100007FACBEA2653436EA04021A2749
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D149d19b8-aace-4dc7-85b2-61ba18b34ce0
https://www.acint.net/match?dp=98&euid=149d19b8-aace-4dc7-85b2-61ba18b34ce0

43 B
269 B

57ms
57ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=98&euid=149d19b8-aace-4dc7-85b2-61ba18b34ce0
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Sat, 13 Jan 2024 16:47:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: nginx/1.22.1
access-control-max-age: 1728000
access-control-allow-methods: PUT, GET, POST, OPTIONS
content-type: text/html; charset=utf-8
location: https://www.acint.net/match?dp=98&euid=149d19b8-aace-4dc7-85b2-61ba18b34ce0
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, authorization
content-length: 102

GET
H2

200

match
www.acint.net/ Frame D8E9
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=3-sQYS2dxpkz

43 B
269 B

57ms
56ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=3-sQYS2dxpkz
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=3-sQYS2dxpkz
Date: Sat, 13 Jan 2024 16:47:40 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame D8E9
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007FACBEA2653436EA04021A2749&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007FACBEA2653436EA04021A2749&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1&rts=70...
https://acint.net/match?dp=107&euid=94f7e899-398b-530d-82e0-a089e7421e24

43 B
269 B

56ms
55ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=94f7e899-398b-530d-82e0-a089e7421e24
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=94f7e899-398b-530d-82e0-a089e7421e24
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame D8E9
Redirect Chain

https://ads.adlook.me/csync?pid=sape&uid=0100007FACBEA2653436EA04021A2749&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=498b4181b03440b098d9076fd86f491c

43 B
269 B

57ms
57ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=498b4181b03440b098d9076fd86f491c
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=498b4181b03440b098d9076fd86f491c
date: Sat, 13 Jan 2024 16:47:40 GMT
server: Microsoft-IIS/10.0

GET
H2

200

match
www.acint.net/ Frame D8E9
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FACBEA2653436EA04021A2749
https://vma.mts.ru/match/second?ssp=30&exu=0100007FACBEA2653436EA04021A2749
https://tech.rtb.mts.ru/?dsp_uid=e814d066-51a0-4c69-8205-3f4b8fb43dee&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D30%2...
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
https://vma.mts.ru/em?next=30&em=2&ssp=aidata&id=e3COkPdBqFhZTMuAUqAIcg
https://www.acint.net/match?dp=125&euid=e814d066-51a0-4c69-8205-3f4b8fb43dee

43 B
269 B

58ms
58ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=125&euid=e814d066-51a0-4c69-8205-3f4b8fb43dee
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:41 GMT
Server: nginx
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Location: https://www.acint.net/match?dp=125&euid=e814d066-51a0-4c69-8205-3f4b8fb43dee
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame D8E9
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=2e661fd0-f9d4-45a2-55e6-7c280e70546a

43 B
269 B

56ms
56ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=2e661fd0-f9d4-45a2-55e6-7c280e70546a
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=2e661fd0-f9d4-45a2-55e6-7c280e70546a
date: Sat, 13 Jan 2024 16:47:40 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame D8E9
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0100007FACBEA2653436EA04021A2749
https://www.acint.net/match?dp=127&euid=XWX5HS4nuNN8G8SeFbt8

43 B
269 B

57ms
57ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=XWX5HS4nuNN8G8SeFbt8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=XWX5HS4nuNN8G8SeFbt8
date: Sat, 13 Jan 2024 16:47:40 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

match
www.acint.net/ Frame D8E9
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=rcgnxgii3m

43 B
269 B

57ms
56ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=rcgnxgii3m
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
server: nginx/1.22.0
surrogate-control: no-store
vary: Origin
access-control-allow-origin: *
location: https://www.acint.net/match?dp=129&euid=rcgnxgii3m
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 50c1ef10-fd6b-49d2-9df0-4c6efd201ac1
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame D8E9 0
215 B 166ms
52ms Image
text/plain 217.65.2.150
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007FACBEA2653436EA04021A2749
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 Jan 2024 16:47:41 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2

204

0.gif
x01.aidata.io/ Frame D8E9
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FACBEA2653436EA04021A2749
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FACBEA2653436EA04021A2749&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
433 B

57ms
57ms

Image
text/plain

89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
last-modified: Sat, 13 Jan 2024 16:47:40 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Sat, 13 Jan 2024 16:47:40 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Sat, 13 Jan 2024 16:47:41 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

sape.js
sync.gonet-ads.com/match/ Frame D8E9
Redirect Chain

https://sync.gonet-ads.com/match/sape.js?id=0100007FACBEA2653436EA04021A2749
https://sync.gonet-ads.com/match/sape.js?id=0100007FACBEA2653436EA04021A2749&chk=1

345 B
345 B

62ms
60ms

Image
application/javascript

188.42.105.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.gonet-ads.com/match/sape.js?id=0100007FACBEA2653436EA04021A2749&chk=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Server

188.42.105.220 , Luxembourg, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

Redirect headers

date: Sat, 13 Jan 2024 16:47:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
location: https://sync.gonet-ads.com/match/sape.js?id=0100007FACBEA2653436EA04021A2749&chk=1
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame D8E9
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0100007FACBEA2653436EA04021A2749
https://sync.bumlam.com/?src=sap1&s_data=CAIQARit_YqtBmIgMDEwMDAwN0ZBQ0JFQTI2NTM0MzZFQTA0MDIxQTI3NDmiARB3ZiuKsjMR7ruxACWQyCQ2

0
523 B

21ms
21ms

Image
text/html

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARit_YqtBmIgMDEwMDAwN0ZBQ0JFQTI2NTM0MzZFQTA0MDIxQTI3NDmiARB3ZiuKsjMR7ruxACWQyCQ2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Sat, 13 Jan 2024 16:47:41 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Sat, 13 Jan 2024 16:47:41 GMT
Server: nginx
ETag: 77662b8a-b233-11ee-bbb1-002590c82436
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARit_YqtBmIgMDEwMDAwN0ZBQ0JFQTI2NTM0MzZFQTA0MDIxQTI3NDmiARB3ZiuKsjMR7ruxACWQyCQ2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

done
pix.bumlam.com/sync/sape/ Frame D8E9
Redirect Chain

https://pix.bumlam.com/sync/sape/check?sspuid=0100007FACBEA2653436EA04021A2749
https://sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/sync_ok?guid=77662b8a-b233-11ee-bbb1-002590c82436
https://77662b8a-b233-11ee-bbb1-002590c82436.n1.sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/done

43 B
673 B

20ms
19ms

Image
image/gif

31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.bumlam.com/sync/sape/done

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

HTTP/1.1

Server

31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jan 2024 16:47:42 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.acint.net
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-Xss-Protection: 0
Expires: 05-Jun-2005 22:00:00 GMT

Redirect headers

location: https://pix.bumlam.com/sync/sape/done
access-control-allow-origin: *
date: Sat, 13 Jan 2024 16:47:42 GMT
server: nginx/1.24.0
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 0100007FACBEA2653436EA04021A2749
an.yandex.ru/mapuid/sapeis/ Frame D8E9 43 B
387 B 198ms
79ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007FACBEA2653436EA04021A2749

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sat, 13 Jan 2024 16:47:41 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H2

200

match
www.acint.net/ Frame D8E9
Redirect Chain

https://nr.bidderstack.com/sape/cm?user_id=0100007FACBEA2653436EA04021A2749
https://nr.bidderstack.com/sape/cm?user_id=0100007FACBEA2653436EA04021A2749&pupa=1
https://www.acint.net/match?dp=251&euid=937dba13-394c-a379-c498-8e3e19b3e759

43 B
269 B

58ms
57ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=251&euid=937dba13-394c-a379-c498-8e3e19b3e759
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=251&euid=937dba13-394c-a379-c498-8e3e19b3e759
Access-Control-Allow-Origin: *
Date: Sat, 13 Jan 2024 16:47:41 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
www.acint.net/ Frame D8E9
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=0100007FACBEA2653436EA04021A2749
https://www.acint.net/match?dp=186&euid=298e825c-6571-44a1-81cf-acc8dcc5218c

43 B
269 B

64ms
64ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=298e825c-6571-44a1-81cf-acc8dcc5218c
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:41 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=298e825c-6571-44a1-81cf-acc8dcc5218c
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame D8E9
Redirect Chain

https://match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
https://www.acint.net/match?dp=217&euid=98989bd6-1fbd-4a9c-ae99-149f0e3e5df9

43 B
269 B

73ms
72ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=217&euid=98989bd6-1fbd-4a9c-ae99-149f0e3e5df9
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=217&euid=98989bd6-1fbd-4a9c-ae99-149f0e3e5df9
date: Sat, 13 Jan 2024 16:47:41 GMT
access-control-allow-credentials: true
server: nginx
bidder: bid-27 1.1376.f4afd3f
content-length: 0

GET
H/1.1 400
Bad Request user-sync
sync.adkernel.com/ Frame D8E9 22 B
22 B 69ms
15ms Image
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:41 GMT
Cache-Control: no-store
Server: nginx
Connection: close
Content-Length: 22

GET
H2

200

/
dmp.sbermarketing.ru/ Frame D8E9
Redirect Chain

https://sync.programmatica.com/match/01
https://sync.programmatica.com/match/01?chk=1
https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_evid=8vhicaia6d0gnvnhrxxom892oalkpb77&user_prg=NDczOWJmNGE4YWQwM2E3Nw

35 B
667 B

180ms
54ms

Image
image/gif

37.18.110.198
CLOUDRU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_evid=8vhicaia6d0gnvnhrxxom892oalkpb77&user_prg=NDczOWJmNGE4YWQwM2E3Nw

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Server

37.18.110.198 , Russian Federation, ASN208677 (CLOUDRU-AS, RU),

Reverse DNS

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
content-length: 35
expires: 0

Redirect headers

location: https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_evid=8vhicaia6d0gnvnhrxxom892oalkpb77&user_prg=NDczOWJmNGE4YWQwM2E3Nw
date: Sat, 13 Jan 2024 16:47:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H2

204

weborama-sync
adx.com.ru/ Frame D8E9
Redirect Chain

https://adx.com.ru/sape-sync?uid=0100007FACBEA2653436EA04021A2749
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007FACBEA2653436EA04021A2749
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65a2beadd41e0600017d93a9%2526r%253D%26webouid%3...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65a2beadd41e0600017d93a9%2526r%253D%26webouid%3...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65a2beadd41e0600017d93a9%26r%3D&webouid=Yd5wxRCgQx2V0/kHY447Iu

0
141 B

168ms
168ms

Image
text/plain

83.222.117.90
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65a2beadd41e0600017d93a9%26r%3D&webouid=Yd5wxRCgQx2V0/kHY447Iu
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 83.222.117.90 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:42 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
server: nginx/1.22.0
p3p: CP="adx.com.ru does not have a P3P policy"

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
via: 1.1 google
last-modified: Sat, 13 Jan 2024 16:47:41 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65a2beadd41e0600017d93a9%26r%3D&webouid=Yd5wxRCgQx2V0/kHY447Iu
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame D8E9
Redirect Chain

https://kimberlite.io/rtb/sync/sape2?u=0100007FACBEA2653436EA04021A2749
https://solta-sync.rutarget.ru/sync
https://kimberlite.io/rtb/sync/segmento?u=3-sQYS2dxpkz
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZaK-rcprDqI
https://vma.mts.ru/match/second?ssp=59&exu=ZaK-rcprDqI
https://tech.rtb.mts.ru/?dsp_uid=e814d066-51a0-4c69-8205-3f4b8fb43dee&return_url=https%3A%2F%2Fmts-dsp-sync.rutarget.ru%2Fsync%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59...
https://mts-dsp-sync.rutarget.ru/sync?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D3%26ssp%3Dsegmento%26id%3D%24%7BRUTARGET_VISITOR_ID%7D
https://vma.mts.ru/em?next=59&em=3&ssp=segmento&id=3-sQYS2dxpkz
https://kimberlite.io/rtb/sync/mts?u=e814d066-51a0-4c69-8205-3f4b8fb43dee
https://www.acint.net/match?dp=243&euid=ZaK-rcprDqI

43 B
269 B

92ms
92ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=243&euid=ZaK-rcprDqI
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:42 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:42 GMT
referrer-policy: no-referrer
Server: nginx
access-control-allow-origin: *
location: https://www.acint.net/match?dp=243&euid=ZaK-rcprDqI
cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
server-timing: app;srv=0;dur=0.0002
Content-Length: 0

GET
H2

200

match
www.acint.net/ Frame D8E9
Redirect Chain

https://sync.dsp.solta.io/match/sape?id=0100007FACBEA2653436EA04021A2749
https://sync.dsp.solta.io/match/sape?id=0100007FACBEA2653436EA04021A2749&chk=1
https://www.acint.net/match?dp=260&euid=NGJlM2NjMzhiMmZmODRlNg

43 B
269 B

57ms
57ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=260&euid=NGJlM2NjMzhiMmZmODRlNg
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=260&euid=NGJlM2NjMzhiMmZmODRlNg
date: Sat, 13 Jan 2024 16:47:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame D8E9 43 B
452 B 186ms
62ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007FACBEA2653436EA04021A2749
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:41 GMT
Last-Modified: Sat, 13 Jan 2024 16:47:41 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Sat, 13 Jan 2024 22:47:41 GMT

GET
H2 200 set
sync.rambler.ru/ Frame D8E9 43 B
225 B 265ms
145ms Image
image/gif 91.192.150.36
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=1b87f89d-4fb1-4046-b5d4-1814eb9a34db&id=0100007FACBEA2653436EA04021A2749

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.150.36 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

sync.rambler.ru

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
strict-transport-security: max-age=0
x-passed: 0bal1
server: nginx
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2

200

match
www.acint.net/ Frame D8E9
Redirect Chain

https://ssp.afp.ai/api/sync/sape
https://www.acint.net/match?dp=261&euid=6cd5338e-3b7f-4033-860e-20a385f784c2

43 B
269 B

53ms
53ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=261&euid=6cd5338e-3b7f-4033-860e-20a385f784c2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Sat, 13 Jan 2024 16:47:41 GMT
Server: nginx/1.20.1
Vary: Origin
Access-Control-Allow-Origin
Location: https://www.acint.net/match?dp=261&euid=6cd5338e-3b7f-4033-860e-20a385f784c2
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
www.acint.net/oci/ 43 B
224 B 56ms
56ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/oci/?v=0.7.0&uid=7efe1859-882a-41ca-976f-102f3d606c7b&dp=14&tz=%2B01%3A00&nc=467171&oid=52b222771b1042f618745d4bef00d73f
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10247.ifvCsN-4j_RAWTbv2qoVzXmujkgdhfZ0UDlj2GkWN971WljUUuNeZBm439h81Hvu.9FAm16kxfO8NpeRWCTbZvN28x-c%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10247.6LGOwlLrr_Kp7w14SzgV9zss55ZlrSx0C64__umHeJh7ifjzhGZ5WvCvXXNU4h1t06GwaPFvbTLE2ERN5f05wwt2X-wPXGhvTD1_OnMzX6OxsApvbwo2wGVCeaJgZuZjA_moucToCN...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10247.wgY2JHvrHJDFS7RiQ3nPRHFQEAoMqnyKHhoVmehxf5cUWNSkmiipPHek7TjPlJnUIHYEoKE4T60g9MZ1wBoldjbzFJL1G8KNdulEclV_AJO4b...

43 B
584 B

59ms
59ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10247.wgY2JHvrHJDFS7RiQ3nPRHFQEAoMqnyKHhoVmehxf5cUWNSkmiipPHek7TjPlJnUIHYEoKE4T60g9MZ1wBoldjbzFJL1G8KNdulEclV_AJO4b7pzmfYCZE1Oatmk4erApGE_rvRmUOCPXe_jOc6qZVFj7Po97vtAKYfX04jPSjJilawTAD4ugCPsZR5scbAPGZh1Kv-PWktTo30MtZM0Mg%2C%2C.tvVPawmjq0j_IsyMnn-9pZrxcHU%2C

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10247.wgY2JHvrHJDFS7RiQ3nPRHFQEAoMqnyKHhoVmehxf5cUWNSkmiipPHek7TjPlJnUIHYEoKE4T60g9MZ1wBoldjbzFJL1G8KNdulEclV_AJO4b7pzmfYCZE1Oatmk4erApGE_rvRmUOCPXe_jOc6qZVFj7Po97vtAKYfX04jPSjJilawTAD4ugCPsZR5scbAPGZh1Kv-PWktTo30MtZM0Mg%2C%2C.tvVPawmjq0j_IsyMnn-9pZrxcHU%2C
date: Sat, 13 Jan 2024 16:47:40 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
495 B 98ms
98ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65898a2e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 13 Jan 2024 17:47:40 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C100 42 B
173 B 57ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DeoP1D5xcy-Jm8cwh2g3P8zrDDb0iR6aPjs0NubvAD-LRWVQzXjucE_ZH6LdBVEst38cIluKA4lBquJIda7DTeMLvv4uxPy-XWymutjx1YfwUmeBE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=600&slotname=1332047107&adk=1460880071&adf=2290519548&pi=t.ma~as.1332047107&w=160&lmt=1705164460&format=160x600&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&wgl=1&dt=1705164459885&bpp=2&bdt=263&idt=302&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=6926956670417&frm=20&pv=2&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=309

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C100 89 KB
31 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 16:47:40 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame C100 18 KB
8 KB 91ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 13 Jan 2024 17:36:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame C100 3 KB
1 KB 86ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 16:19:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame C100 20 KB
9 KB 84ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C100 205 KB
65 KB 169ms
100ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 16:47:40 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C97C 624 B
246 B 63ms
63ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJmv3KQCELr9zLECGNvlwf8BMAE&v=APEucNU0jkpbs8_jRQ_vB59V3tFc2aQEgLU2OklSYXC23lyP7go1DfezzSJEjwBhzJWldYngkHoeaZaWlG9hs4Aua8gxZaJRXfWHMCxmH4_Sf4giup50nox0TvzF0Xof0EgULfLFwUKazvGXbiIRltHdqd14SkO0-UXGyxEBTtGxJiKN1edtbxg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=600&slotname=1332047107&adk=1460880071&adf=2290519548&pi=t.ma~as.1332047107&w=160&lmt=1705164460&format=160x600&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&wgl=1&dt=1705164459885&bpp=2&bdt=263&idt=302&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=6926956670417&frm=20&pv=2&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=309
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:47:40 GMT
expires: Sat, 13 Jan 2024 16:47:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame D8E9 16 KB
16 KB 115ms
115ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=156258050304343
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5e740b4c722831d9a6451a42a01ca2541e1a0c2af5718703a89bc9823c16099a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:47:41 GMT
Last-Modified: Sat, 13 Jan 2024 16:34:19 GMT
Server: nginx
ETag: "65a2bb8b-3e23"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15907

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame C97C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1

43 B
340 B

39ms
39ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJmv3KQCELr9zLECGNvlwf8BMAE&v=APEucNU0jkpbs8_jRQ_vB59V3tFc2aQEgLU2OklSYXC23lyP7go1DfezzSJEjwBhzJWldYngkHoeaZaWlG9hs4Aua8gxZaJRXfWHMCxmH4_Sf4giup50nox0TvzF0Xof0EgULfLFwUKazvGXbiIRltHdqd14SkO0-UXGyxEBTtGxJiKN1edtbxg
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geA8QYv5yLD%2FdztCycj8o%2FV%2B6jaT2hAyEDy6FKpHmvlZvMaq%2BRlIwdKRihv9MJCJV4WR0wwA6JAzfzcwWcO4D%2BKMopen7zeA4PF%2BO7o0LwutzL2MQAOiLm6Krd9XTPJsqA3dr7FBfoctIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844f1f58bbb16928-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C97C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaK.rL8n-ZkV2igyWqk5XQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1&google_hm=2

43 B
769 B

37ms
36ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJmv3KQCELr9zLECGNvlwf8BMAE&v=APEucNU0jkpbs8_jRQ_vB59V3tFc2aQEgLU2OklSYXC23lyP7go1DfezzSJEjwBhzJWldYngkHoeaZaWlG9hs4Aua8gxZaJRXfWHMCxmH4_Sf4giup50nox0TvzF0Xof0EgULfLFwUKazvGXbiIRltHdqd14SkO0-UXGyxEBTtGxJiKN1edtbxg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVOiUdcuaYRt31M%2B9Nl%2BN5v4XiTujDmbEkKyvGKr7tFofirKaXM9hTcs5HWBkj82XkYomz9o5JX9Zz7ENuCCfb8sXIOowOiv3eJ3W4Z%2B8QpIUJV8VNvYaWFoc1k62%2B10TPYDGcF2tgYLaw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844f1f5959d70497-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame C97C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMxibmGF0q1caKiFm8n-nxY&google_cver=1

43 B
1014 B

24ms
24ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMxibmGF0q1caKiFm8n-nxY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJmv3KQCELr9zLECGNvlwf8BMAE&v=APEucNU0jkpbs8_jRQ_vB59V3tFc2aQEgLU2OklSYXC23lyP7go1DfezzSJEjwBhzJWldYngkHoeaZaWlG9hs4Aua8gxZaJRXfWHMCxmH4_Sf4giup50nox0TvzF0Xof0EgULfLFwUKazvGXbiIRltHdqd14SkO0-UXGyxEBTtGxJiKN1edtbxg

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
an-x-request-uuid: 9e7fd995-dc46-443f-a11b-5233b34e74f0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 95.211.146.75; 95.211.146.75; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMxibmGF0q1caKiFm8n-nxY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C97C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE3OTIxNDM4MjA0NzczMzA4Mg%3D%3D

170 B
243 B

30ms
30ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE3OTIxNDM4MjA0NzczMzA4Mg%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
an-x-request-uuid: 9b8937cd-df25-4f61-96bf-19d8832c2feb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE3OTIxNDM4MjA0NzczMzA4Mg%3D%3D
x-proxy-origin: 95.211.146.75; 95.211.146.75; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/93290584/
Redirect Chain

https://mc.yandex.com/watch/93290584?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2265a2beac-3ba5-e402-nx3k-5wmduhtb6aeh%22%7D&uah=che...
https://mc.yandex.com/watch/93290584/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2265a2beac-3ba5-e402-nx3k-5wmduhtb6aeh%22%7D&uah=c...

427 B
463 B

59ms
58ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/93290584/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2265a2beac-3ba5-e402-nx3k-5wmduhtb6aeh%22%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A0%3Als%3A1201357218684%3Ahid%3A155133910%3Az%3A60%3Ai%3A20240113174740%3Aet%3A1705164461%3Ac%3A1%3Arn%3A787536381%3Arqn%3A1%3Au%3A1705164461506857659%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C292%2C31%2C388%2C388%2C1%2C582%2C15%2C%2C%2C%2C1294%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705164458939%3Afp%3A854%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705164461%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

82676560cdf2c9827a00b38af54572e56364d04a110747eac49dd8218b67640a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 13-Jan-2024 16:47:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.paladiny.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Sat, 13-Jan-2024 16:47:40 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 13-Jan-2024 16:47:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/93290584/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2265a2beac-3ba5-e402-nx3k-5wmduhtb6aeh%22%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A0%3Als%3A1201357218684%3Ahid%3A155133910%3Az%3A60%3Ai%3A20240113174740%3Aet%3A1705164461%3Ac%3A1%3Arn%3A787536381%3Arqn%3A1%3Au%3A1705164461506857659%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C292%2C31%2C388%2C388%2C1%2C582%2C15%2C%2C%2C%2C1294%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705164458939%3Afp%3A854%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705164461%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: http://www.paladiny.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 13-Jan-2024 16:47:40 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/71281900/
Redirect Chain

https://mc.yandex.com/watch/71281900?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9...
https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnln...

420 B
511 B

66ms
66ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1351407882931%3Ahid%3A155133910%3Az%3A60%3Ai%3A20240113174740%3Aet%3A1705164461%3Ac%3A1%3Arn%3A31751938%3Arqn%3A1%3Au%3A1705164461506857659%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C292%2C31%2C388%2C388%2C1%2C582%2C15%2C%2C%2C%2C1294%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705164458939%3Afp%3A854%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705164461%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3aa90d8d09735c63f9e98c0967198abaf7ae4a9b3d1d570c0dd22ea939312140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 13-Jan-2024 16:47:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.paladiny.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Sat, 13-Jan-2024 16:47:40 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 13-Jan-2024 16:47:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1351407882931%3Ahid%3A155133910%3Az%3A60%3Ai%3A20240113174740%3Aet%3A1705164461%3Ac%3A1%3Arn%3A31751938%3Arqn%3A1%3Au%3A1705164461506857659%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C292%2C31%2C388%2C388%2C1%2C582%2C15%2C%2C%2C%2C1294%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705164458939%3Afp%3A854%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705164461%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: http://www.paladiny.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 13-Jan-2024 16:47:40 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C100 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2127946366140&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C100 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2127946366140&version=m202309260101&ct=77&x=1&cor=1139771926066145400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C100 34 KB
19 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AY5DvmkUrVWmBGeG_oGSvLWrTCrYr3MGxQkEdqTku_yi0gkf_onlj7qmQmSQxBWlJ-sU6jUGJbT59bs5eUGONcvSKNyBqKsV5yOlX3Zl8f_isrPRGjeU7h7Ly6c80AvyD8pKBjuQvs6MJCGjY7pUwAEVaBnzFOm70AhVQcJeMU_QjJ-PE&cry=1&dbm_d=AKAmf-CrzNfanAPj-T1KWERcs-XDrJURhYC_fzeXDcwl2V_fesy37RdPCH025smiTsrdIV6SAzEjXpvttCg9myM6BUFeqoAqZvXGb6ABYQkYZaTvxQGCfE7BlL9shVNmxYBdGwG6iPZEUJStATVLLczCOfTwuMvWyDIUtcdalhmNL0hM2_bxp37MYnW4Dq0CIYrTqmWluTtfH92kewumADlw9k7N9lUy-D4NjyOFwYzBCmODz9BziS9HRmJW8MPrmXvtWLuinyskw9LD2np7nUfBJyfTYNGTiew1cHLRrnTSDfYgkA8wWshX2UsuQuDtcu4AkdtBrGabiHmOWY8QdjALFUIoCS4p3xgsegY2ijLknHvnWkzAVxHB3HC_j738Lwe3pdBgr7i5-XR28eaYYGiGmS54mhQJdnONpg2xibrjwxJog09K8PqM2B_a66rQauUcc9Lfcs-n0Vv8mEzM2b5Y_Huxt_8DDs2BA3g-c5AvNo_EyD8VeRO6I-_ThfW-HxsktlJrrsZFnAH4s3l8sRLXzxuLdFXT2RI2H9stFcTuA19kBAIDKpiR3NsdhF1073fBLQihQXwRIbKEGs94v79Nz_9zeEd82kl-zYmGzxnJ4PZ93PkccAsgYDY2R43nNk8OkTAJPsxEHK1fNQXyR72dRRIKUMF1c0glVprVky3Ub3wv9eyL1ABOK-2CIa0EtXoo1b8ZietA-RdD1aNXr-E0ciaDYc7fUzjxMNJTpIEgCdbRHsE3cAfLbsriOchOmzNJ0BW1Lnl5zC9rwyWu0n93yr-DIR2sIIIRgujhAPBW4NAnCjkJezg8ZxBgznglsTgoRVzT8JiAFfhBKxTjgmycw91M1uQcJK0rC1pca9OsWaNeepeAZXS5XkGGLcvw7CyR8yeBLmed3vmOMXATiOtwvhsla08-wCYq8de9cqV85bY0XXSA8YB8MsT2glIDhX3g_YtHIorlofbZ6TZFEM15EDzNHHZ8mcnYimVbehIKn3tLdxRiLyNLSZh4zbTh2qA9r2hfHI2NumVeHUTD-JmY95cWWnE8-JrYCy7SKmrrOGRz_crtKalmdDzl4_tcfW7sZ9JcxHm7a_AeUhdaTVz7C4W20CcntMbiAAAm-ezF77ujK11ZwRR15RrITv-NIX4W-tL6849bWurkQcY-yH6tgvLgnVAPuCduSXhPqLEqu980Fl_RGObk7m6jEfFLrZch9BzhpBOi9riV0lO-rKsDgpg3IYHSlD0r3eHUf1NJqFZzk31GAjWzbGhDX43lCrpDmR5tH6zo1Vngu_tzGS1AliDE-MjgiJFAfUAjUwsdZ0NCX7yJxYGV_WZHx6mYalDJH_HqLMFpt6dGrlayp_fgYdTL9HhqiLlji1XgGpzXzMMmS4NMSbUmd73ovk11vKPNjKbqoHdwfld9Q3rOKNaCQ6XJtjylBH8id7BJfuAApx7i-lyrYKeBI9B6TcXOvXmgzYhoHC-jKWVGH5V1sLiC_49oUzfejqZcz2pCt4THBV-fEags9fFXmO6ZtrOBVIBpmz4L-EjhNDBAnqSNxsh3kv8OCIgt8U9ISNSFESmzqMY2C0yaZ8m6BLCPYgsa2S6vFdoOeCk0L-hYfRyFYRfAyZRt4IOeNfephNFE7XhEMJkfOPUV02nfqfPUlrVxxS9B2nX0Hc7y1TLKxrCj7xYzRWRRazByOaMCTa4la0r8OGZL_fKISa80-CyEVJPWR2GBqWop5C1Yah53uw5xPN49ZuCvGVZlpsTIcIj944BRsyw2b_YENrOIu7Bp-P_t6X82IUEiGEnCL-WVR6C3g2BYuaYMLiTDmAjPkJ4QHZ5UGy7eNjEyKUzNq1EUdbrpZQwD3SaAKtLN6xVS3Zr4YlwMp-LC-BpEzR71LEws9AFrVMpXGVXZnczQSCyW5xALibYUC2P-Q3SOzzEdNyZMsL-EAajxGsQSsM4EBjJ9555nVZXbHbvMrVtOqo-Ee1wKJcAWRZu8NIRa550u6L2cLlSfxZd_sbAwrt5OJBp7eosB1RWxjgdWwo76bC5XSGSwcwa7I9YlBZ6gKwbnAfHm9rlOQNX_CKaodKNEac5oaPCnqwD_g0BywlTWoSbahri2TICi-QUEGGt1TerJWgXT4iGYAyXwAlBrVCpt0C0jghwvkBpMUPu9N_z1r5FRLM_QXx_GHVEIALCdHZGc1HAW72JTdE-vG88OinTkpKcWMAlYogmgRCSOFaBUum000La62Ms96ZRJh-SBZdpu-C-qhgB1GuvKN8ZFtt_K_zMcz0dg8SQWaI0y2ZNG5Dw5JZxB6WfGmMtsjI2yPQFlzXXjmWq6oOroXIcdtXnpD1hS8g3_uw86ubtageuAuCwAfhhB0G6GX6b6XoyVyy4_gelk2yH-tp47Jl2gRKX5Jm5oZX5sUi8rCOcgZDJFKjxPWZHl_7NW_PBDjZjPc8vW_6mJHOf81c9PHL2A6zFUJrMFH4v24M5fk2Glp4jOX-wLq_qu8DhnBAQCn6aVfFoiTl2K9QbFyj7do4gvZO-heblzcO_ZI9_A8P-Pu5JM5rMnSXuUMFSASwUVGLhX5WlkSz9hOoN_vmtPhoCKQza3CeHGs0_tBigTvdgUo7ids_70bovM1PU0QnSYB408QF0IgtZBRKInD41jA-ipXbWFvUQEoyf44pZdg2OJXNj8yJou93p45LQu3YZVCvaMLI_MifQVJ12U0A_g1l8I06C1gNDgOOQxU5d5giEJxkMT1UFt5rqEPhRhfiPInr8FWg2Qi01rQ2SrczgzomsevE-I70nI5yYF20WAWGn7iCx7N_7fKHnZpowGMh9l_tMbiVjMtCUoWFEF2OGozI8CLbAnyVUb-qGRwd6cRnz5pjNa7z5SYu7N0-xuFoHmME6NDuLTu8BXlp3jA9QbKAfeJzNksa5o8HAuL8-Ykdf1Y7dkTQ55D6tphdhNykgz_XCtLRXxQwl_rSSktl3UIg54gp4bK9tNbtJKtNSmbhD2ZsnJ_vaExBj0-8McGhTlPC89_0BTQupQLJ0iGW0avHGeQy2Se-YR355_dT5hOQ3cBdmWJT1Fdc_a46ZB7rMPCN-NLbav2WN2VLPKHtLaNrRzV_aewxnNn15tR4vu2_jlFbIFmcACMJjfSMU9wzSuRJtLKxt2TbJDExmyjoARxwhpMQUzp4IOOzVl8UP-8OkMNUYH8jp-jIoidFKEhtEO1LnuWAyVoMDjC8BzuTXPRIeAGr1GnWpmTDF9egRUO3Mo2cXeRS3C61skbKCi3OwoHZIw9uUIXivRUXTuJC7uXsd-tvT1dKDSPpk_97k9GU3tCE2r7iKnpK6dYltlJ9PMAG9eGji4uV76-tWic9WV8ZRijZC--WmbksT6ZDxSQFwx7XtV2BDkJ5p7JS77Bors0nG3UhqugY9AJJ8IsRNiZGGfINuJcVpUhbH8VpwTd2YqZhA0vfqrJLfbaJCiepQXRyepoDrzZLfbw8XEznMDjgpI7vEIY7JpYYtS-gLg9HCr2pVWIL8wIyXQzzCNHWtJaOond20jxEqbTnbXoFH8ume-GzGA75bn0Npf8jwfKzppx5rIXZatnGzH4EwDifspu1K2SDfw88FR-hy0XrBVi3si2JCcn8YS_p8UNncyHecWz5s5HMtn8lC_hopyMR4f9l-5DSYX-oEZwIHpKEfEGDhMApJItWaCV6OxB9HO6JHJHBuK2lp5rEt0Z_Fh6L8qwXvV3Wg-IpQNDd8IfWLdDHWSJN71GT7CRrqmRhDRPmg606Y&cid=CAQSTgAvHhf_6PSVOAb0EK4_flqsQHn1D_yUjVvnsToPqPDvkakXspvLZJzOxrXVG7pL3lniyN0KmYDBvZfpccu29A0riKxPMeh4VLfh25i56BgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.paladiny.ru%2F&ds=l&xdt=1&iif=1&cor=1139771926066145400&adk=356101034&idt=126&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0aa2e0a9939fc986515da1a907b6f57b9928e8a7be97c1945a1d1d365ee5274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=600&slotname=1332047107&adk=1460880071&adf=2290519548&pi=t.ma~as.1332047107&w=160&lmt=1705164460&format=160x600&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&wgl=1&dt=1705164459885&bpp=2&bdt=263&idt=302&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=6926956670417&frm=20&pv=2&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=309
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19694
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 162 KB
55 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fddee2b48f1822e49e4c1eb8d237ef5ad94d5ab8a9306643a024423aeb7012bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56404
x-xss-protection: 0
server: cafe
etag: 1403112501185003068
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 16:47:40 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D665 717 B
375 B 448ms
447ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=280&adk=2238285969&adf=821804958&pi=t.aa~a.469292974~i.14~rp.1&w=551&fwrn=4&fwrnh=100&lmt=1705164460&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9553686225&ad_type=text_image&format=551x280&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&fwr=0&pra=3&rh=138&rw=551&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705164460921&bpp=1&bdt=1298&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0&nras=2&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=193&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2628c42c75914f3e08cc1366ae5bef74bd5c6b495b9faf8474da652617b97b1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:47:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B354 717 B
372 B 404ms
404ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=280&adk=2238285969&adf=2522502942&pi=t.aa~a.469292974~i.16~rp.1&w=551&fwrn=4&fwrnh=100&lmt=1705164460&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9553686225&ad_type=text_image&format=551x280&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&fwr=0&pra=3&rh=138&rw=551&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705164460921&bpp=1&bdt=1299&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280&nras=3&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=193&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054cf2d853d8cfffb80a129cb7789b16fc34b191f67d2483485f870e3a74f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 351
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:47:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 557A 49 KB
18 KB 450ms
449ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705164460&rafmt=1&to=qs&pwprc=9553686225&format=1200x90&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705164460981&bpp=1&bdt=1359&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280%2C551x280&nras=4&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1400&ady=4540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a79e09c4cf3188b286ce479a96f6a58f8aca07a4e41095234352d18448e9516e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 18060
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:47:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame C100 31 KB
12 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AY5DvmkUrVWmBGeG_oGSvLWrTCrYr3MGxQkEdqTku_yi0gkf_onlj7qmQmSQxBWlJ-sU6jUGJbT59bs5eUGONcvSKNyBqKsV5yOlX3Zl8f_isrPRGjeU7h7Ly6c80AvyD8pKBjuQvs6MJCGjY7pUwAEVaBnzFOm70AhVQcJeMU_QjJ-PE&cry=1&dbm_d=AKAmf-CrzNfanAPj-T1KWERcs-XDrJURhYC_fzeXDcwl2V_fesy37RdPCH025smiTsrdIV6SAzEjXpvttCg9myM6BUFeqoAqZvXGb6ABYQkYZaTvxQGCfE7BlL9shVNmxYBdGwG6iPZEUJStATVLLczCOfTwuMvWyDIUtcdalhmNL0hM2_bxp37MYnW4Dq0CIYrTqmWluTtfH92kewumADlw9k7N9lUy-D4NjyOFwYzBCmODz9BziS9HRmJW8MPrmXvtWLuinyskw9LD2np7nUfBJyfTYNGTiew1cHLRrnTSDfYgkA8wWshX2UsuQuDtcu4AkdtBrGabiHmOWY8QdjALFUIoCS4p3xgsegY2ijLknHvnWkzAVxHB3HC_j738Lwe3pdBgr7i5-XR28eaYYGiGmS54mhQJdnONpg2xibrjwxJog09K8PqM2B_a66rQauUcc9Lfcs-n0Vv8mEzM2b5Y_Huxt_8DDs2BA3g-c5AvNo_EyD8VeRO6I-_ThfW-HxsktlJrrsZFnAH4s3l8sRLXzxuLdFXT2RI2H9stFcTuA19kBAIDKpiR3NsdhF1073fBLQihQXwRIbKEGs94v79Nz_9zeEd82kl-zYmGzxnJ4PZ93PkccAsgYDY2R43nNk8OkTAJPsxEHK1fNQXyR72dRRIKUMF1c0glVprVky3Ub3wv9eyL1ABOK-2CIa0EtXoo1b8ZietA-RdD1aNXr-E0ciaDYc7fUzjxMNJTpIEgCdbRHsE3cAfLbsriOchOmzNJ0BW1Lnl5zC9rwyWu0n93yr-DIR2sIIIRgujhAPBW4NAnCjkJezg8ZxBgznglsTgoRVzT8JiAFfhBKxTjgmycw91M1uQcJK0rC1pca9OsWaNeepeAZXS5XkGGLcvw7CyR8yeBLmed3vmOMXATiOtwvhsla08-wCYq8de9cqV85bY0XXSA8YB8MsT2glIDhX3g_YtHIorlofbZ6TZFEM15EDzNHHZ8mcnYimVbehIKn3tLdxRiLyNLSZh4zbTh2qA9r2hfHI2NumVeHUTD-JmY95cWWnE8-JrYCy7SKmrrOGRz_crtKalmdDzl4_tcfW7sZ9JcxHm7a_AeUhdaTVz7C4W20CcntMbiAAAm-ezF77ujK11ZwRR15RrITv-NIX4W-tL6849bWurkQcY-yH6tgvLgnVAPuCduSXhPqLEqu980Fl_RGObk7m6jEfFLrZch9BzhpBOi9riV0lO-rKsDgpg3IYHSlD0r3eHUf1NJqFZzk31GAjWzbGhDX43lCrpDmR5tH6zo1Vngu_tzGS1AliDE-MjgiJFAfUAjUwsdZ0NCX7yJxYGV_WZHx6mYalDJH_HqLMFpt6dGrlayp_fgYdTL9HhqiLlji1XgGpzXzMMmS4NMSbUmd73ovk11vKPNjKbqoHdwfld9Q3rOKNaCQ6XJtjylBH8id7BJfuAApx7i-lyrYKeBI9B6TcXOvXmgzYhoHC-jKWVGH5V1sLiC_49oUzfejqZcz2pCt4THBV-fEags9fFXmO6ZtrOBVIBpmz4L-EjhNDBAnqSNxsh3kv8OCIgt8U9ISNSFESmzqMY2C0yaZ8m6BLCPYgsa2S6vFdoOeCk0L-hYfRyFYRfAyZRt4IOeNfephNFE7XhEMJkfOPUV02nfqfPUlrVxxS9B2nX0Hc7y1TLKxrCj7xYzRWRRazByOaMCTa4la0r8OGZL_fKISa80-CyEVJPWR2GBqWop5C1Yah53uw5xPN49ZuCvGVZlpsTIcIj944BRsyw2b_YENrOIu7Bp-P_t6X82IUEiGEnCL-WVR6C3g2BYuaYMLiTDmAjPkJ4QHZ5UGy7eNjEyKUzNq1EUdbrpZQwD3SaAKtLN6xVS3Zr4YlwMp-LC-BpEzR71LEws9AFrVMpXGVXZnczQSCyW5xALibYUC2P-Q3SOzzEdNyZMsL-EAajxGsQSsM4EBjJ9555nVZXbHbvMrVtOqo-Ee1wKJcAWRZu8NIRa550u6L2cLlSfxZd_sbAwrt5OJBp7eosB1RWxjgdWwo76bC5XSGSwcwa7I9YlBZ6gKwbnAfHm9rlOQNX_CKaodKNEac5oaPCnqwD_g0BywlTWoSbahri2TICi-QUEGGt1TerJWgXT4iGYAyXwAlBrVCpt0C0jghwvkBpMUPu9N_z1r5FRLM_QXx_GHVEIALCdHZGc1HAW72JTdE-vG88OinTkpKcWMAlYogmgRCSOFaBUum000La62Ms96ZRJh-SBZdpu-C-qhgB1GuvKN8ZFtt_K_zMcz0dg8SQWaI0y2ZNG5Dw5JZxB6WfGmMtsjI2yPQFlzXXjmWq6oOroXIcdtXnpD1hS8g3_uw86ubtageuAuCwAfhhB0G6GX6b6XoyVyy4_gelk2yH-tp47Jl2gRKX5Jm5oZX5sUi8rCOcgZDJFKjxPWZHl_7NW_PBDjZjPc8vW_6mJHOf81c9PHL2A6zFUJrMFH4v24M5fk2Glp4jOX-wLq_qu8DhnBAQCn6aVfFoiTl2K9QbFyj7do4gvZO-heblzcO_ZI9_A8P-Pu5JM5rMnSXuUMFSASwUVGLhX5WlkSz9hOoN_vmtPhoCKQza3CeHGs0_tBigTvdgUo7ids_70bovM1PU0QnSYB408QF0IgtZBRKInD41jA-ipXbWFvUQEoyf44pZdg2OJXNj8yJou93p45LQu3YZVCvaMLI_MifQVJ12U0A_g1l8I06C1gNDgOOQxU5d5giEJxkMT1UFt5rqEPhRhfiPInr8FWg2Qi01rQ2SrczgzomsevE-I70nI5yYF20WAWGn7iCx7N_7fKHnZpowGMh9l_tMbiVjMtCUoWFEF2OGozI8CLbAnyVUb-qGRwd6cRnz5pjNa7z5SYu7N0-xuFoHmME6NDuLTu8BXlp3jA9QbKAfeJzNksa5o8HAuL8-Ykdf1Y7dkTQ55D6tphdhNykgz_XCtLRXxQwl_rSSktl3UIg54gp4bK9tNbtJKtNSmbhD2ZsnJ_vaExBj0-8McGhTlPC89_0BTQupQLJ0iGW0avHGeQy2Se-YR355_dT5hOQ3cBdmWJT1Fdc_a46ZB7rMPCN-NLbav2WN2VLPKHtLaNrRzV_aewxnNn15tR4vu2_jlFbIFmcACMJjfSMU9wzSuRJtLKxt2TbJDExmyjoARxwhpMQUzp4IOOzVl8UP-8OkMNUYH8jp-jIoidFKEhtEO1LnuWAyVoMDjC8BzuTXPRIeAGr1GnWpmTDF9egRUO3Mo2cXeRS3C61skbKCi3OwoHZIw9uUIXivRUXTuJC7uXsd-tvT1dKDSPpk_97k9GU3tCE2r7iKnpK6dYltlJ9PMAG9eGji4uV76-tWic9WV8ZRijZC--WmbksT6ZDxSQFwx7XtV2BDkJ5p7JS77Bors0nG3UhqugY9AJJ8IsRNiZGGfINuJcVpUhbH8VpwTd2YqZhA0vfqrJLfbaJCiepQXRyepoDrzZLfbw8XEznMDjgpI7vEIY7JpYYtS-gLg9HCr2pVWIL8wIyXQzzCNHWtJaOond20jxEqbTnbXoFH8ume-GzGA75bn0Npf8jwfKzppx5rIXZatnGzH4EwDifspu1K2SDfw88FR-hy0XrBVi3si2JCcn8YS_p8UNncyHecWz5s5HMtn8lC_hopyMR4f9l-5DSYX-oEZwIHpKEfEGDhMApJItWaCV6OxB9HO6JHJHBuK2lp5rEt0Z_Fh6L8qwXvV3Wg-IpQNDd8IfWLdDHWSJN71GT7CRrqmRhDRPmg606Y&cid=CAQSTgAvHhf_6PSVOAb0EK4_flqsQHn1D_yUjVvnsToPqPDvkakXspvLZJzOxrXVG7pL3lniyN0KmYDBvZfpccu29A0riKxPMeh4VLfh25i56BgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.paladiny.ru%2F&ds=l&xdt=1&iif=1&cor=1139771926066145400&adk=356101034&idt=126&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:06:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 23:06:20 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C100 41 KB
14 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTE2NDQ2MDkwNDQzMgogIHNlcnZlcl9pcDogMTI2MDYzMTMyCiAgcHJvY2Vzc19pZDogNDAyODA1OTAyCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDEwNjU0NDgw...
ad.doubleclick.net/ddm/activity/ Frame C100 0
858 B 150ms
62ms Image
image/png 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTE2NDQ2MDkwNDQzMgogIHNlcnZlcl9pcDogMTI2MDYzMTMyCiAgcHJvY2Vzc19pZDogNDAyODA1OTAyCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDEwNjU0NDgwCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9iYnZhLmVzIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDgKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTcyNzAxMTE2OTMwODI3MzUwNjcKZGVidWdfa2V5OiA2OTkwMzg3MTU5OTY1MDIxOTI3CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0xMyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDEwNjU0NDgwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzgyMjQzMzUxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA2NDA4OTI2MDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTk4OTE4NjcxOTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1MzU4NTE3MzkKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYmJ2YS5lcyIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x4e2a16737df9714d0000000000000000","13":"0xe6d90fde40ba10ef0000000000000000","14":"0x8e143aa9c5d9bfac0000000000000000","15":"0xd3e88b53aa9508bc0000000000000000"},"debug_key":"6990387159965021927","debug_reporting":true,"destination":"https://bbva.es","event_report_window":"345600","expiry":"691200","filter_data":{"14":[],"21":[],"8":["10654480"]},"priority":"0","source_event_id":"17270111693082735067"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame C100 59 KB
23 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 23:25:19 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 2EE5 9 KB
4 KB 22ms
20ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 48481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 03:19:40 GMT
etag: 9219409622527106327
expires: Sat, 27 Jan 2024 03:19:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 6556 9 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 48481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 03:19:40 GMT
etag: 9219409622527106327
expires: Sat, 27 Jan 2024 03:19:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B30596182.382165617;dc_ver=99.292;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=356101038;ord=3y1i1d;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_uzGrL6iZfuREu62n88Pndem... Show response
ad.doubleclick.net/ddm/adj/N2194834.5065048BBVANETWORK_ES/ Frame C100 78 KB
33 KB 116ms
73ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N2194834.5065048BBVANETWORK_ES/B30596182.382165617;dc_ver=99.292;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=356101038;ord=3y1i1d;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_uzGrL6iZfuREu62n88Pndem2AuhgqzAcNezi9faEoeom8yIChABILOzjCVg1QWgAbTh184ByAEJqQKcXkyLdl-yPqgDAcgDmwSqBOUBT9BYwP614OX4SuIglHQJTmP4uKX0_OM8tJtPivL52LIM6IInuGU3q0SliG7Pl8jjNbdKiz9muJGGCNClRfexE5j85evHYjMl9d4n-0cyG0RSSx42ssIA8dUsPORY2QrZKz-dugjj2cvoGm99oo7M91XjHfSoFI_IpxDenxkbLTopxPeDxNUC9n6OHJfVaV8VQlQE0jTAiZom3GOu57GIdPjr0EnyFYcKZNxtiBkXNPjmS3lNJ_3KbzrA1dNmcm3R3FpfQXSTgJjsG4rLTyfcLRNUMkNjjh4_SFPogkUy5ZDnjutqBcAEhdjg4aME4AQDiAW4nJeNSpAGAaAGTYAHtJ6osQKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliIzb3P6NqDA4AKAZgLAcgLAYAMAaIMCCoGCgSsurECqg0CRVOwE_-AlBbYEwrYFAHQFQH4FgGAFwHoFwQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_6PSVOAb0EK4_flqsQHn1D_yUjVvnsToPqPDvkakXspvLZJzOxrXVG7pL3lniyN0KmYDBvZfpccu29A0riKxPMeh4VLfh25i56BgB%26sig%3DAOD64_1jO6UDiagULBfVX6ZWtlh0Ji-5_w%26client%3Dca-pub-5035092129732437%26dbm_c%3DAKAmf-DtdZixys9UT7-86yQ61qNM2CXRUG9DXRI8oPrNPEaYemvKBpqhRUufyPhyG99XHaVgq7oyKMqs___GEJTAn4bu571HWBzeIRY_lE5ig8YBhhclGIT6cR6ugAM_t32g_k3wWLys3T336Db844FF-FfmywwsJmf0HDufYbIhJSz59vW7IRw%26cry%3D1%26dbm_d%3DAKAmf-DRRN4gvl0gOrkv7ifkweBsST7LHOF36OmnmGvoXg4qVegQfS8Khp49LLSzu1gU6GwIcK4QQAZMMCeHiIBsQU3zMLXQEdmbkKAAvQ25mgn18J3s1QuxwujVrStQB_99of7u81umaiJSADfjCriMZEn3Nc66QSgsu_RLkAuT-9FdBjw6E0NY8Zy0SI06pocVC4y0zidQu0BWT7fk1Nx7yjJMw6JtQ8_eoKUAxvimZpWPMGtrSxdo_MXqEg1PtfUoj-AcAnMDu1SMlTkIUBuLdZrCcLVKK7aYWHgzk3lYXIzC71t5X_paZfSHetHp8e03mo7cGKCrD_Yfy8y_wkSu9JRqkUrkHThhgtZYa2OKoyjoOWDw3FUy98sIbcN2sD030nxKdYJ96VKWGvW3ZUpbjGWLMuY1wFqEHf5_GVwdjK5Lzo4NQDRngCLmz3epK_M991q2_1UXY6m5qHMKmPKxDg0tdiN4Cciq8r4OT11PQYK3xlgKJjrk0e_wY5ebhxZh9X0k7Hq0HbnlQXZaUI7PBPuITZ6Qtg%26adurl%3D;dc_rfl=1,http%3A%2F%2Fwww.paladiny.ru%2F$0;xdt=1;dc_omid_p=Google2;dc_sdk_apis=7;crlt=vG*.rMsLWs;stc=1;sttr=44;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

d931d9fb6e720d56a94db044f0b42af45b96fb0c57706597c3d97a69b54c46f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33473
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2EE5 4 KB
1 KB 80ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 16:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 15:27:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2EE5 205 B
295 B 75ms
24ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:30:37 GMT
x-content-type-options: nosniff
age: 98224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 13:30:37 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2EE5 604 B
1 KB 74ms
23ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 14:30:21 GMT
x-content-type-options: nosniff
age: 94640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 14:30:21 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 2EE5 16 KB
7 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 22:18:42 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 2EE5 22 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:16:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 23:16:40 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B12F 38 KB
13 KB 24ms
23ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 59811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 57ms
57ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=5291.13499.161201908.0.0.0&sid=65a2beac-3ba5-e402-nx3k-5wmduhtb6aeh&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1705164461
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
DATA 200
OK truncated
/ 612 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74dcd398eafd7dbc3d07b76625839f63f464de97b26adca97ac30883cf79b0d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 57ms
57ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A13499%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=65a2beac-3ba5-e402-nx3k-5wmduhtb6aeh&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1705164461
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 55ms
55ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A13499%2C%22ev%22%3A%22stub%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=65a2beac-3ba5-e402-nx3k-5wmduhtb6aeh&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1705164461
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 55ms
55ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=5291.692898.164073619.0.0.0&sid=65a2beac-3ba5-e402-nx3k-5wmduhtb6aeh&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1705164461
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 57ms
57ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A692898%2C%22ev%22%3A%22stub%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=65a2beac-3ba5-e402-nx3k-5wmduhtb6aeh&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1705164461
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 76DB 624 B
242 B 62ms
62ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2DKBDNjygYiLDI7wEwAQ&v=APEucNXluowVjVvKlcxdT9k8tCw6bwEv-FB2YP-Gp-JaOLLHqt614N4RUran7klOOi-sG_k3M40ZxbrbEdLCWLXThoMsicUgO28CLmMwVclTr6--MbfKcENjJdQZJLxDWVsc5qVrWFzTRwEweamCRqZKvB3-1ERTy63MX8eElquKoPZ4mvviVrk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:47:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6556 172 KB
61 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jan 2024 23:49:04 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 6556 7 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 00:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 00:01:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 6556 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 00:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 00:01:21 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6556 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 6556 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 16:19:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 6556 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 19:20:11 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6556 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A1RNkBeZMYIpVh3U3_lAnFnZs5-Q37Ty2S9vtHL4qbcYS13NYpBtF_mQs4MZlI-D5MEcbVw8U2GFCsWVdgpeMq_63T8IzBR8rIRNogAPAsEzU2h24

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6556 205 KB
65 KB 962ms
962ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 16:47:42 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame B12F 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 16:19:44 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E16B 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 59811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6556 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93232429ae1d70118d0b38338faf80eeba8db47640252c3019d607950a753c03

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 76DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1

43 B
737 B

37ms
37ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2DKBDNjygYiLDI7wEwAQ&v=APEucNXluowVjVvKlcxdT9k8tCw6bwEv-FB2YP-Gp-JaOLLHqt614N4RUran7klOOi-sG_k3M40ZxbrbEdLCWLXThoMsicUgO28CLmMwVclTr6--MbfKcENjJdQZJLxDWVsc5qVrWFzTRwEweamCRqZKvB3-1ERTy63MX8eElquKoPZ4mvviVrk
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muThlpxHEiOg56cUsy%2B3%2FsU6C5mzLPM3HBp3Ng10uzNe0DZKKTMeEkvPTYLZ2boA2%2B88%2BKINPOGnf1FoUx%2BPCCFJXDMbgGwBBSLWvAoyWYSkQakZFsOoucHOuKzdY3nHnpCI8ygD8bVTaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844f1f5a6b350497-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 76DB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaK.rL8n-ZkV2igyWqk5XQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1&google_hm=2

43 B
732 B

57ms
56ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2DKBDNjygYiLDI7wEwAQ&v=APEucNXluowVjVvKlcxdT9k8tCw6bwEv-FB2YP-Gp-JaOLLHqt614N4RUran7klOOi-sG_k3M40ZxbrbEdLCWLXThoMsicUgO28CLmMwVclTr6--MbfKcENjJdQZJLxDWVsc5qVrWFzTRwEweamCRqZKvB3-1ERTy63MX8eElquKoPZ4mvviVrk
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=772YkpODdTpJ8OyS0n9uvBx5U2XWMD8Mx1546vtvaTkpyGvQyEptD9qi7MNCXxtcjXl562VyRyy0iTYo%2BL3stlhLVFBePDK0DcWV1QoS4hlRzqphhExgrNiQ6vTXlt5vg9LF%2F3GPHfZxFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844f1f5acba40497-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG71mbgf8KEv5xANOFzgGk&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 76DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMxibmGF0q1caKiFm8n-nxY&google_cver=1

43 B
1011 B

22ms
22ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMxibmGF0q1caKiFm8n-nxY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2DKBDNjygYiLDI7wEwAQ&v=APEucNXluowVjVvKlcxdT9k8tCw6bwEv-FB2YP-Gp-JaOLLHqt614N4RUran7klOOi-sG_k3M40ZxbrbEdLCWLXThoMsicUgO28CLmMwVclTr6--MbfKcENjJdQZJLxDWVsc5qVrWFzTRwEweamCRqZKvB3-1ERTy63MX8eElquKoPZ4mvviVrk

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
an-x-request-uuid: 8ca50d6e-f21f-4cb1-94b8-a656a884b4f7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 95.211.146.75; 95.211.146.75; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMxibmGF0q1caKiFm8n-nxY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76DB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE3OTIxNDM4MjA0NzczMzA4Mg%3D%3D

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE3OTIxNDM4MjA0NzczMzA4Mg%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
an-x-request-uuid: 3848f600-703c-41df-aad6-30d5bd4ae4ff
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE3OTIxNDM4MjA0NzczMzA4Mg%3D%3D
x-proxy-origin: 95.211.146.75; 95.211.146.75; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6128 14 KB
1 KB 33ms
33ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 16:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 15:30:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 6128 2 KB
822 B 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 21:28:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 6128 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 11:25:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A797 143 B
166 B 26ms
25ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 6128 3 KB
1 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 16:19:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 6128 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 19:20:11 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6128 205 KB
65 KB 934ms
933ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 16:47:42 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 6128 37 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H3 200 CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E16B 50 KB
19 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 14:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19695
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 14:33:09 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C100 111 KB
39 KB 27ms
16ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jan 2024 21:44:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame C100 11 KB
4 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2194834.5065048BBVANETWORK_ES/B30596182.382165617;dc_ver=99.292;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=356101038;ord=3y1i1d;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_uzGrL6iZfuREu62n88Pndem2AuhgqzAcNezi9faEoeom8yIChABILOzjCVg1QWgAbTh184ByAEJqQKcXkyLdl-yPqgDAcgDmwSqBOUBT9BYwP614OX4SuIglHQJTmP4uKX0_OM8tJtPivL52LIM6IInuGU3q0SliG7Pl8jjNbdKiz9muJGGCNClRfexE5j85evHYjMl9d4n-0cyG0RSSx42ssIA8dUsPORY2QrZKz-dugjj2cvoGm99oo7M91XjHfSoFI_IpxDenxkbLTopxPeDxNUC9n6OHJfVaV8VQlQE0jTAiZom3GOu57GIdPjr0EnyFYcKZNxtiBkXNPjmS3lNJ_3KbzrA1dNmcm3R3FpfQXSTgJjsG4rLTyfcLRNUMkNjjh4_SFPogkUy5ZDnjutqBcAEhdjg4aME4AQDiAW4nJeNSpAGAaAGTYAHtJ6osQKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliIzb3P6NqDA4AKAZgLAcgLAYAMAaIMCCoGCgSsurECqg0CRVOwE_-AlBbYEwrYFAHQFQH4FgGAFwHoFwQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_6PSVOAb0EK4_flqsQHn1D_yUjVvnsToPqPDvkakXspvLZJzOxrXVG7pL3lniyN0KmYDBvZfpccu29A0riKxPMeh4VLfh25i56BgB%26sig%3DAOD64_1jO6UDiagULBfVX6ZWtlh0Ji-5_w%26client%3Dca-pub-5035092129732437%26dbm_c%3DAKAmf-DtdZixys9UT7-86yQ61qNM2CXRUG9DXRI8oPrNPEaYemvKBpqhRUufyPhyG99XHaVgq7oyKMqs___GEJTAn4bu571HWBzeIRY_lE5ig8YBhhclGIT6cR6ugAM_t32g_k3wWLys3T336Db844FF-FfmywwsJmf0HDufYbIhJSz59vW7IRw%26cry%3D1%26dbm_d%3DAKAmf-DRRN4gvl0gOrkv7ifkweBsST7LHOF36OmnmGvoXg4qVegQfS8Khp49LLSzu1gU6GwIcK4QQAZMMCeHiIBsQU3zMLXQEdmbkKAAvQ25mgn18J3s1QuxwujVrStQB_99of7u81umaiJSADfjCriMZEn3Nc66QSgsu_RLkAuT-9FdBjw6E0NY8Zy0SI06pocVC4y0zidQu0BWT7fk1Nx7yjJMw6JtQ8_eoKUAxvimZpWPMGtrSxdo_MXqEg1PtfUoj-AcAnMDu1SMlTkIUBuLdZrCcLVKK7aYWHgzk3lYXIzC71t5X_paZfSHetHp8e03mo7cGKCrD_Yfy8y_wkSu9JRqkUrkHThhgtZYa2OKoyjoOWDw3FUy98sIbcN2sD030nxKdYJ96VKWGvW3ZUpbjGWLMuY1wFqEHf5_GVwdjK5Lzo4NQDRngCLmz3epK_M991q2_1UXY6m5qHMKmPKxDg0tdiN4Cciq8r4OT11PQYK3xlgKJjrk0e_wY5ebhxZh9X0k7Hq0HbnlQXZaUI7PBPuITZ6Qtg%26adurl%3D;dc_rfl=1,http%3A%2F%2Fwww.paladiny.ru%2F$0;xdt=1;dc_omid_p=Google2;dc_sdk_apis=7;crlt=vG*.rMsLWs;stc=1;sttr=44;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 11:31:29 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1079 38 KB
13 KB 24ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 59811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C100 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cce7b144e81773e7af9bfbf16d0e1bfe5807d31d071ad9b9c4135865f6d9d8dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18221096529761682194/ Frame E09A 125 KB
29 KB 124ms
42ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18221096529761682194/index.html?e=69&leftOffset=0&topOffset=0&c=o7dSnXVbpg&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f294a2d080c9e37dcf007f1f162abb501d38b76a3ecddef0d7f87d8e4de471fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:47:41 GMT
expires: Sun, 12 Jan 2025 16:47:41 GMT
last-modified: Wed, 05 Jul 2023 12:50:59 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 6556 0
0 76ms
74ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstUY8Oaqf97imviEAQnkmtfbrvOcuH_rOalLVVvnb1ioPCqmv94Wh3FfCmW1ymfZzrLLgDo7MueEGoJ75MgVP4j6ZN55BNKiUQYqgemxnGMvPy38yXZq0Rfvn719Xs_gBvRERXq6BY9pjCv7tEtv_oxOSbj_ELrtPy86XJRAuN7yZfc2y25V4BPuzGV-tUpv-6rWzDbnhm6g7fB5V-tNle9D_TukdTjMT1F0dhebKkK81MKPvUCeTyaCHGbApK-YSF1dNzOYVF8OrdPzHfIe0kgXmL1aoqx-DKYFEUTiNWd1dyiP078gsqIra4m8rNunavCnO_xPgRde_Y_fvhLNiAvzlLY7IF5Y89fmMQqrN1NmT01Nz_zjMT1k7tXMzXHos2lapKmRRgd8Qq8mF0o_Zm0jAhUb8zFD8pBtLg98A85EdRKxDdYklOWXMIPBOzRZcFRslTBcQFgIVmQ14TetOlPXo7kjMFyauuzYRi1KMnMBormxD3R1Ld56dLUUTzGOuwNmxwkv_8pVuRkpAaxyenftSawChWt-4g3VX2BOInkL0L15c6-MH_ORxvjPM6PicS2oT4XNHydoxfMKS2pNwMlgj4YQjtoFvgFkK3mQWgdAZZz2BagOe2l44EiZZ1oIUqh7qZKaOK2b5884aYFeRLnuJ908mMPlPfEi3Us0jJmcgRdE8AsqUuTvfNDFdAFYdhQ92owLi4Sy_L-oeoDBcwcFk7453QyakB23_-vBrLDMFKY5zklgyaFaAB4_vFytZAN4wZU0V7-zDSqcWqSEo5mri8p6GnjUMVeN6NdZKyNSkTOtuJHquYeItgkSThbW6_m_bPp76sa7qojMqr8n-6tBInWE3NHRlZQyq4gOkcIg1auXBCX5Nwtg_hnV1JnuM41Ptuin5B-g3Fj19IVW3ymhYY-L_isAcrphYmKn1ccINzCxX8OtHDcTtYUdIzZEZ96I2_4HL633c12J3QSs1JtuMc05nAP-u4id5-XfAVfFB90SUasTln8Ij5qwYutUoKp2JFonsgB_gTpD1PBE-ssGnfz8ZfN-5F__NMN31C1rp0ymdDN0rNZtZL__mkiosHMgE3b_xBuuXoTxU1k-W_3xgV5kBt4DbIsQiANCb1PcLyV8NDYR2v2lQLAI-hkSqhDoH15AsH-5wwTbqWjgSldROmPZQxfLYtCneuxb8BrZjj6VPJv5EoXBIU6bV9wGz-9yeXRFXF8WjLyBeo8ylCyLLqF5pMvVh0oQNeU59F0QHS_Ez4&sai=AMfl-YSFlO2hzRzi_I2FDYGMo5UvwKiQk3uQ80_bf10uwvgi_Qb7pNmPUN7ctqTzk82wJkFP3qlf_vNccnSjn4DqFRJDOmtjlINcLegy3mvs6x8vcBxebHJRL9wz6VdKnUrtGSyxgm07eq8bQpGw34WyNYkSVn332U89mA4ykceyj4Ilq3jpeqos5GKAatO3-PKFW3wD9k_hkeaz2HH4V523R3LSjdyKvt-bMSho6lmzpsp_pbtL11Xt4FS5UsIgj1wop81TEaZKJyr4DL2m3QDRbhs1bPMYH2qThtsFTYkzRaokznVbkqQwd3ckQU2QDzWh54QjgRHNhY_hScdXzlfzNGmu_tT6vpQ5vflcw6Aofy9I0u2UmSXpQqtlTY9zPStnAFXUfpNmmMMHGcIq4FO4HgCM25tEYVYMLPt3gOzbwlmHBjnLGTBdz8AFzXIXol88IULi0lgKDAbPeuM1KOqU9y4DYMnEL1keyqRVn0H6TXlALztDzVqBi0u_YVwHg4pRPupj&sig=Cg0ArKJSzK0S7Vhk42ldEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tYXBmcmUuZXM&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=151&cbvp=1&cstd=146&cisv=r20240109.88597&arae=0&ftch=1&adurl=

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 Jan 2024 16:47:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C100 85 KB
31 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d73b448fffd21a709f9fc04cccee3f53f6e45050cfe82bb3a09204b4f94d0c35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31978
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891453224463"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H3 200 PromoIphone_TF-B-DF-1093_dis_160x600_es.html Show response
s0.2mdn.net/sadbundle/13656848552175302391/html/ Frame C342 8 KB
3 KB 55ms
33ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13656848552175302391/html/PromoIphone_TF-B-DF-1093_dis_160x600_es.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b50c0d2bc812270e5dcb51f7116ef66cca497fe49b031ebd0d27fa999e2a2658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 370840
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2800
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 09:47:01 GMT
expires: Wed, 08 Jan 2025 09:47:01 GMT
last-modified: Mon, 20 Nov 2023 15:08:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C100 0
0 142ms
65ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstxHz5Go2XFQDvNGcCx3hzLXRRF2a6AbZ_wEDFFUR4lF3O89ce63WjhY-1JzYg9y1sR1XpkfpCoj0FtrfkELqPyCAwXWVWSgF7NrsIYgz9Bnk068YQaBzgPztE_rwgTUs0T2XgA53NKEP2uwc_ResneMfaL3SMXwD_Y15l56Y1zxNBiAQ-xK6MBIDsm16BLuDbrQQ&sai=AMfl-YTofuw2iZclV7WpjnVSOQ8A0Pa4vLFXKoqJMIONHjV2VA6ffNWXOTMLOS1iZQNDfXCN1etpIth6kVVUKXE5Yv0bBECNzAMc3CnPNg&sig=Cg0ArKJSzOPyl6EvSz1wEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=98&cbvp=1&cstd=97&cisv=r20240109.40303&arae=0&ftch=1&adurl=

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK adServerESI.aspx
secure.insightexpressai.com/adServer/ Frame C100 0
0 114ms
33ms Image
text/html 2a02:26f0:3500:58c::1ec4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.insightexpressai.com/adServer/adServerESI.aspx?script=false&bannerID=2709999&siteID=9080245&placementID=382165617&rnd=3096400986&tag=img
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=600&slotname=1332047107&adk=1460880071&adf=2290519548&pi=t.ma~as.1332047107&w=160&lmt=1705164460&format=160x600&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&wgl=1&dt=1705164459885&bpp=2&bdt=263&idt=302&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=6926956670417&frm=20&pv=2&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=309
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58c::1ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A797
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
36ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:47:41 GMT
expires: Sat, 13 Jan 2024 16:47:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:47:41 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B12F 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BYZB5rL6iZfCZN5ykjuwPjqmJwAEAAAAAOAHgBAI&bg=!HB-lH1DNAAaumcC-jpk7ADQBe5WfOGrpA_rMRU9Tx1Ura3eJ8zXdfDme653OcppImy1hfcW_8mp5qZceQH-dJD68mSWFAgAAAH5SAAAAAmgBB5kC5YBMd5ZfduPMh5tUs7BprbRYgkBjrvUPcdPL8hZ4j0qDzsoDShA1wEQe5jYEev6_yPmySIlMKteVLnFqRj75xiCzcOOjxI8Sf7jd7JS434YGSJTfrmFnh-GUu_DSXgk6XXj97zlZAb8MQ4KKOJAQw_hxuWgvJdx-DhngBCeM0qqZaVkkfRCFCxSyz3Up6c_5WUSUMIKKz1-G3vdBF5DMmV5To8POGgf--jhHVL76oa3aNDuPI8VIdlQdpSBBi1qAa-dCx6jArbKZJvA2xhz5zh2brcex0oxvXPL7MwZbVNC-rUrXq0C1pm8mHqBDszoN0VpIPFgY_KJ61sMtc5wYqMmsgLlxoRoc1GYMBondt3mj23gR4uoHqca12j0LlxYKHL3X90FSSW2FH6DcjvqoitnjQO6OSlhGjg2HMeNO3oWn1c7tsGJPBK7nXMODjcmuXtPcDqwH4ZsvTpef4QYFsNV_-mudh1otFRkUkf4oUtLty4lWiwoyo7x4ENcT_jJUCv_w8m2vn99ZjiygXfF5i7SfSA0oEds4p5PohzI2IVnstJklkzCrHIQQDbKjcUkqk4GxS_45ZxIPpseeO3ps9pSrasPe-P162jp4qg8FapOeV-f0NxumWTOkzuY4N-ghIU6RdA1EcdW6BuwKk0hlTvGBUuqtLj9TSbAXfS2cs1G13CAMG7w7XuFGPI_rvqKZzQ_39uEIe3jXpF0xGSZI-ITXlgt6-h_jR6DeIdD_rK5bIyG_g6U0ercimzgjN4bsRBI5xuGxyUppND1Lxpl94bAfW8Rh4TljgeBzXbCWHdL-hGYJZWMwctDRHB3g0oThMqWjWBeg326wE8aGb4K_Hb6SQ8r6YCYgySLgMOf-d7pQ7o2lQCZtJi8qdrQJNsyZFE2Yd8baLgpqcf_KNMgTSAANtXyG14gFKC5fwv9tMYQ4ADqsiuzn3_I0_10zFxXlkiXMbYOyqG5sMqKuTxdT2CzS3BqwUg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1079 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 16:19:44 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C342 236 KB
63 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13656848552175302391/html/PromoIphone_TF-B-DF-1093_dis_160x600_es.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13656848552175302391/html/PromoIphone_TF-B-DF-1093_dis_160x600_es.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H3 200 PromoIphone_TF-B-DF-1093_dis_160x600_es.js Show response
s0.2mdn.net/sadbundle/13656848552175302391/html/ Frame C342 196 KB
39 KB 34ms
33ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13656848552175302391/html/PromoIphone_TF-B-DF-1093_dis_160x600_es.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13656848552175302391/html/PromoIphone_TF-B-DF-1093_dis_160x600_es.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65e6bdf74cdc3f43bd2bccf48032070b14d306f543d57f7a9f9e04609c6803dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13656848552175302391/html/PromoIphone_TF-B-DF-1093_dis_160x600_es.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 06:47:14 GMT
date: Fri, 12 Jan 2024 06:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40293
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 15:08:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E16B 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B6JBSrL6iZcuGFb66n88P8vu08AkAAAAAOAHgBAI&bg=!g4ClgM_NAAZ1R9vHVUc7ADQBe5WfOJ6Sh24XkUEA8nEEaUyJfJqKik6wUb44hU9L-7URtOTQjXL2GUeX6XxAYVM0Ni7mAgAAAEtSAAAAAmgBB5kC4yaIAGYlYYRKs3mgOV-wlhuFax8EzHlT8rxdeVlaCMt3w_BqMLUO1s34hU9SJNDatopSkPdjXLkeG0gmZ9UtDulLoNOTBXURuMaCWthDcS0WKvvyFfRNLUzjirAOyW5y__cjMtXocXmrLd_3J2pFQ56_NkGs1aGIsavpSKu5wxHAyMlWvQyqLsinAQgBPXU3K2sY2j9VWJTMOVhZMF6WgxXF9s3XmrkDlkevQsOp5Yz0wjvNB5UnSoVIvU38tZsFmCA98Ke12qSUZ3wxZekB3dMorotD-LXkoPZBMZ9QFTi6NP0qzW08wH2zUI_tv06lPg9brIcR6H8AkqflxQ4wYIRkeKYrzF1piHIOC-11PSq5Wgn9zwf4xwg9FvjtpusY_zcxSMfIO1GCiA47Sv7ih6hzvLRAWQ2_WfZcKeTggIT3I1jnuKLHP9hhbxA2Rz6efaNUddro-AZe4zXsoYhZC7QvY8vFCp1zKCqfMT47MRV0lpQ81G9CtvPR5AmcOky2DKEoZuv6R7i68pBWlLDZUwJAdDQN1LCZAdZatos81q1fS9UTG0jmu5BVfa1tithNMQe7xVimnQMmn2u536vZ4xmqVsyBjEPIEe3dWj-z0ccij9C9s4futiLLVu_S8bG31VjsrL7_2uCuHfvWAlFOglnxmZZoUhGfrhhMZzj_dwu8n836j_2H6H-owvtpcn-hcZ7S_BI6wrnfIZ7rg0bJ1dnF4s6QtDScSMoPC4XO9vl-I9fTuG4q7ZKM0nKOtzpd5HMtoa-RqpbOfHut4zSPUeBcwYk0b3DSll2pAWUQMfIOiMMnaRfKRF7oAWxlNFtpYvd36TM79ah_O6TJjXJxx2IKJX4sOz3iDnYZnWJ1LZOffB8Vru504bUxr301P6_XsQ_mEyr4pT49xDWUMeIJ9JQc3JbAZ_ATtBI5M2Cvm_T31T0jWlxz68mmk9jWQHTcvpUMLKgWG3yCuXC0o8AW5nnfHuE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame E09A 120 KB
41 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18221096529761682194/index.html?e=69&leftOffset=0&topOffset=0&c=o7dSnXVbpg&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18221096529761682194/index.html?e=69&leftOffset=0&topOffset=0&c=o7dSnXVbpg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 12:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Jan 2024 12:23:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1079 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bfxcirb6iZduQB6KdjuwP68aq4AgAAAAAOAHgBAI&bg=!i4iliMfNAAaumcC-jpk7ADQBe5WfOI_cUCfwTeM9TAqsu5iJ-2WU0IBcTqTjfeCFGYjiGL2A-fqxwvU_qLNIGBhGTtMjAgAAAE9SAAAAAWgBB5kC7wllQV44OCNBIgpVEXuKmqx_f94KVYJVP4VzhLlFQjWd4bD9Eyq2EfWzi8chGue1qf2313qn8B0tvYPMqiI8-eoU7QpiG9vvBnHPM7zIvz_Rj_NHxjbiAzzfom3MlenOBxRbziN3UulwhalXLp0D0dNsbB7YnmYKFVafovClQd0tRth6gr8IbcNaUSHt79F0XwokKK0XUrRqXTS0jMc24M57eN-N5vDBORXD5rBME_VWPxyNfCSLgF4OOli2Lh87X_cI1sq4xWnCuHVJJkMDDClKmU2l2oL6JgIdP0ullDQ-PQJYGJ1mb92oPFn9539z1Gecx2NUULgO-zMva3idRmlbg4q7CeW04dpvRs_Us1O-LO5yu4zF26E5AizB9Wk3cadLuy6Sr9nK1qXfyBtq8pWYwynJXHYhS1yPiP1AiUzyoQ_CO3ujAqdNrv8Q8QKAhxoljZGMd5g6XeowsVMzglIbPGI5d4z6UzasA6n0rnZGEaeqsSce_uykdPNRI4Ra4JKbRhCHcjQZxGJ95O2lHui2Zv2LV2i4zNJ2-dHnxtUihnaFeVF9Rdb3avEXyZY1gy87GEHsjYa9xlFXlE_LFaP3jCLvpAV1EXCm3VPgqdnVagmNgZdQkuKWsVNLBKmnb5Ma9E2RFhdwsfDsQagi7KahtF4B7TCAXjrIfGg5HoFaBXiXdLav65z2sqKDKcgj3zgomnp6rGcfMEP7kLtKmr-rjd7lXlt24PDpdyrKhY8FhkyKuagurfokxou3u1Nk0UTLOkbBufprJlmP2ir9kvisG9IFQSue5Uu0X8xtupNEdyD6miTTEPwL-i3g1_jmdfsy2IuMbJiP2WvJIB7t1XTHF4EQ9yZPXWPzk64yi1BA5mI8sU_nQLGbVijBTTI9OgKUa91mCY_Tsk8_R9vm8029-UvJ93rLlPyGIM51y_X3aS2Iq0L-TmYHjxEymaf0k_9lBJq-VlCE_wQ00Ons4sqDG7DHbsaa8BN1tQYRbAU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame C4DE 2 KB
3 KB 108ms
45ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kev8arm64d4j1xwez45c13hsgcgek1439thf500by7fyk5mgw7zkfpw7ggvft6r5r5wyk13n0n3dxmtzzkkjq9nwpnrdtf13a5yvztx6n86s6czb91x0p6f5yf2615xd5ne3rnp5rn38tyws978n5k748ftjq0026xgwzd4ye5hk7drnzq0fptc300qew3tpk1xxamsce22acct5k8nj1vqss7vvk2gafw77p7bphpew6mp3amf3edvttkg1jx9rxdwe7b7fbkpgseaackgg1ky6tcc74chnfcv0ebz7mkwe0g873g5a7ey8252avw3k0xt1tpr2aswja7qawqxs648j3p83q1649peefb1dhp15x64295a1pmy9qcxnq16q9dymzr11abxcyj9dmcr4fy81xctw7n3785srm1j4qcrg5qhf3ywnz0gb3hhxpp2vp75jebxx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%26client%3Dca-pub-5035092129732437%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705164460&rafmt=1&to=qs&pwprc=9553686225&format=1200x90&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705164460981&bpp=1&bdt=1359&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280%2C551x280&nras=4&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1400&ady=4540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cf42c364a720bd0e3c2e854a0ef3a437c926df98005b0a84b4c481234dfb7f9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 844f1f5c793235e5-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:47:41 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9B0C 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 16:19:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4198 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 27251
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Sun, 14 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9B0C 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 19:20:11 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B0C 205 KB
65 KB 649ms
649ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 16:47:42 GMT

GET
H3 200 Rectangle.png
s0.2mdn.net/sadbundle/13656848552175302391/html/images/ Frame C342 40 KB
40 KB 32ms
32ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13656848552175302391/html/images/Rectangle.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a392990f67e088b02fdae4d0b91e8ec209ac8dfc99891da4d67a362b15f0e343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13656848552175302391/html/PromoIphone_TF-B-DF-1093_dis_160x600_es.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sun, 12 Jan 2025 09:22:15 GMT
date: Sat, 13 Jan 2024 09:22:15 GMT
x-content-type-options: nosniff
age: 26726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40514
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 15:08:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C100 0
0 59ms
59ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstxHz5Go2XFQDvNGcCx3hzLXRRF2a6AbZ_wEDFFUR4lF3O89ce63WjhY-1JzYg9y1sR1XpkfpCoj0FtrfkELqPyCAwXWVWSgF7NrsIYgz9Bnk068YQaBzgPztE_rwgTUs0T2XgA53NKEP2uwc_ResneMfaL3SMXwD_Y15l56Y1zxNBiAQ-xK6MBIDsm16BLuDbrQQ&sai=AMfl-YTofuw2iZclV7WpjnVSOQ8A0Pa4vLFXKoqJMIONHjV2VA6ffNWXOTMLOS1iZQNDfXCN1etpIth6kVVUKXE5Yv0bBECNzAMc3CnPNg&sig=Cg0ArKJSzOPyl6EvSz1wEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=298&vt=11&dtpt=200&dett=3&cstd=97&cisv=r20240109.40303&arae=0&ftch=1&adurl=

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Fixture-CondensedSemiBold.otf
s0.2mdn.net/sadbundle/18221096529761682194/ Frame E09A 53 KB
34 KB 32ms
31ms Font
font/otf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18221096529761682194/Fixture-CondensedSemiBold.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18221096529761682194/index.html?e=69&leftOffset=0&topOffset=0&c=o7dSnXVbpg&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eafbf64b60b4c39c967061c54b59050c5cc9b51c14a8276fe461722d0554917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18221096529761682194/index.html?e=69&leftOffset=0&topOffset=0&c=o7dSnXVbpg&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 07 Jan 2025 09:37:10 GMT
date: Mon, 08 Jan 2024 09:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35031
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 12:50:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 DMSans-Bold.ttf
s0.2mdn.net/sadbundle/18221096529761682194/ Frame E09A 70 KB
36 KB 36ms
36ms Font
font/ttf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18221096529761682194/DMSans-Bold.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18221096529761682194/index.html?e=69&leftOffset=0&topOffset=0&c=o7dSnXVbpg&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35879eb94bef73bd2fab40f0c3391c26d53844b67e7fd4a7c7ba9ef86fb96968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18221096529761682194/index.html?e=69&leftOffset=0&topOffset=0&c=o7dSnXVbpg&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 16:39:21 GMT
date: Fri, 12 Jan 2024 16:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86900
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36741
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 12:50:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 9B0C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2da56f9281cf0c312c3d54c1dd80b604274077a565de76026bcd3b77e41a3126

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4198
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOoGLe42VlRurkQDX5GYLrU&google_cver=1&google_push=AXcoOmSW-byfXPL4sbWAGbNOJ-R3rmt7vC9_0SLdSTCt5aBIBGP6xHOaYbDUCv7SUjYiTLv33m2RL31SESg_VY5BHqKimaX_y42y8...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc0ODcwMjA2ODk4MDk0NDE2Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOoGLe42VlRurkQDX5GYLrU&google_cver=1

43 B
398 B

14ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOoGLe42VlRurkQDX5GYLrU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705164460&rafmt=1&to=qs&pwprc=9553686225&format=1200x90&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705164460981&bpp=1&bdt=1359&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280%2C551x280&nras=4&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1400&ady=4540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOoGLe42VlRurkQDX5GYLrU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4198 35 B
463 B 73ms
22ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELnimNqi81Sn_8xjxbhPzlE&google_cver=1&google_push=AXcoOmQM-u3hMTcVIK2flHehb9g2wJmrHv0MfqTjnGKDC2fbR87BNE7dXFvsgsqEEmf5W9IkEnTHIOlg1wYeROGGU1vJs22P-meFgVSwfWdapQPm6GdYq3vsKW1oUtEz6WZXLZIMkACArF2u63-veJo2yZLyt2w

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4198 0
104 B 142ms
68ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAfNY-YLCDx60yhvQQ_GWkc&google_cver=1&google_push=AXcoOmQ4dsKPF-Rqwq2RLsVKj4nH8mEPDd5fQwdJ4ikTAiu50M-C30FHlhP4XqqLhITQXIPeki8gCd1zrS59UC5iYGiqE_v-aU5UzTTEjfBLDpelbA7lwK4-UyN9VyXR4A8pwCvyKB4AnRx0HSNv-FBQZmWJqPs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705164460&rafmt=1&to=qs&pwprc=9553686225&format=1200x90&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705164460981&bpp=1&bdt=1359&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280%2C551x280&nras=4&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1400&ady=4540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 4198
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECqIXVA_ev_8j39MkciAwgc&google_cver=1&google_push=AXcoOmT-O9IID9Q9YaYlrZCihXJ_WbjA75vRnBIg5jara0xYYpZlX7dT0rP8rOM43udQf-B436KIVMk9mbEbbvZfJn16dgRxL1bes...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECqIXVA_ev_8j39MkciAwgc&google_cver=1&google_push=AXcoOmT-O9IID9Q9YaYlrZCihXJ_WbjA75vRnBIg5jara0xYYpZlX7dT0rP8rOM43udQf-B436KIVMk9mbEbbvZfJn16dgRxL1b...

43 B
425 B

194ms
179ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECqIXVA_ev_8j39MkciAwgc&google_cver=1&google_push=AXcoOmT-O9IID9Q9YaYlrZCihXJ_WbjA75vRnBIg5jara0xYYpZlX7dT0rP8rOM43udQf-B436KIVMk9mbEbbvZfJn16dgRxL1besL6ZDvYtH8x4DQ8NKdy6Rg-vN_c0pnrowdCTDY8ClS6z3nwW1UcWaBKFuvQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT-O9IID9Q9YaYlrZCihXJ_WbjA75vRnBIg5jara0xYYpZlX7dT0rP8rOM43udQf-B436KIVMk9mbEbbvZfJn16dgRxL1besL6ZDvYtH8x4DQ8NKdy6Rg-vN_c0pnrowdCTDY8ClS6z3nwW1UcWaBKFuvQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705164460&rafmt=1&to=qs&pwprc=9553686225&format=1200x90&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705164460981&bpp=1&bdt=1359&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280%2C551x280&nras=4&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1400&ady=4540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 844f1f5df98fbb9b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 863
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECqIXVA_ev_8j39MkciAwgc&google_cver=1&google_push=AXcoOmT-O9IID9Q9YaYlrZCihXJ_WbjA75vRnBIg5jara0xYYpZlX7dT0rP8rOM43udQf-B436KIVMk9mbEbbvZfJn16dgRxL1besL6ZDvYtH8x4DQ8NKdy6Rg-vN_c0pnrowdCTDY8ClS6z3nwW1UcWaBKFuvQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT-O9IID9Q9YaYlrZCihXJ_WbjA75vRnBIg5jara0xYYpZlX7dT0rP8rOM43udQf-B436KIVMk9mbEbbvZfJn16dgRxL1besL6ZDvYtH8x4DQ8NKdy6Rg-vN_c0pnrowdCTDY8ClS6z3nwW1UcWaBKFuvQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 844f1f5cbfdbbb9b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4198
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTpAI45...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTpAI45...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMTMxNjQ3NDEwMDAxODkzMzIwNTIwNg%3D%3D&google_push=AXcoOmTpAI45bOYObPE3M4KvottA2PRRXi2I1WpwlFtZ9ePum1mEPtkwCwQcvBKSfy9Gkh...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMTMxNjQ3NDEwMDAxODkzMzIwNTIwNg%3D%3D&google_push=AXcoOmTpAI45bOYObPE3M4KvottA2PRRXi2I1WpwlFtZ9ePum1mEPtkwCwQcvBKSfy9GkhQGzkhp6PDqiUUX4JlihaeqnKTeK1KToaitlXGFdiWMg6DN9FxeyvIyT0G_1F5sZvf-YLCmb5Mraepme_1Mk-x6VWI

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMTMxNjQ3NDEwMDAxODkzMzIwNTIwNg%3D%3D&google_push=AXcoOmTpAI45bOYObPE3M4KvottA2PRRXi2I1WpwlFtZ9ePum1mEPtkwCwQcvBKSfy9GkhQGzkhp6PDqiUUX4JlihaeqnKTeK1KToaitlXGFdiWMg6DN9FxeyvIyT0G_1F5sZvf-YLCmb5Mraepme_1Mk-x6VWI
pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4198
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPyTXS1apoT2D_6_rWT03yY&google_cver=1&google_push=AXcoOmQsM9l60p5FfvxZJBI8pHsOiy8g8q5_IjE8LCRmPHBNXfotFTwz7gIzfTLjfQyhIA6i6hXVltdTSFXX...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQsM9l60p5FfvxZJBI8pHsOiy8g8q5_IjE8LCRmPHBNXfotFTwz7gIzfTLjfQyhIA6i6hXVltdTSFXX79VxNRC8Mp12qNoIc6HJcfjTR7RrkYjX0RWl...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQsM9l60p5FfvxZJBI8pHsOiy8g8q5_IjE8LCRmPHBNXfotFTwz7gIzfTLjfQyhIA6i6hXVltdTSFXX79VxNRC8Mp12qNoIc6HJcfjTR7RrkYjX0RWloapvg3D0Kiz7kcNljda5ktZ5SExxaH95-iIuw1g

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQsM9l60p5FfvxZJBI8pHsOiy8g8q5_IjE8LCRmPHBNXfotFTwz7gIzfTLjfQyhIA6i6hXVltdTSFXX79VxNRC8Mp12qNoIc6HJcfjTR7RrkYjX0RWloapvg3D0Kiz7kcNljda5ktZ5SExxaH95-iIuw1g
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 4198
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDtXUVg7OA4M...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ4xfEyhB5XhDudgw3k5cu1o_CxI7uhL5tUX7gBHG-2GQ08gES1ipx_XFh9R0VIkiWj0kjUXUp4AoR0zCuevAHsDHoEVULH3EwRNEKZwlbxo051m...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

45ms
45ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705164460&rafmt=1&to=qs&pwprc=9553686225&format=1200x90&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705164460981&bpp=1&bdt=1359&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280%2C551x280&nras=4&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1400&ady=4540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 13 Jan 2024 16:47:41 GMT
pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4198 0
12 B 29ms
29ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JsEW5tUrK1XrTlCBCnPtTejRKl0YVOAYE0NXJCU3xO9Z5cCQ0uyr43RH4NIpxLnOQ_409fPw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E09A 8 KB
6 KB 105ms
63ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3858dc61ea0064fe84c32ce3ff456b23152823741c54a39967d93a671b94d6dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5982
x-xss-protection: 0

GET
H3 200 _img.jpg
s0.2mdn.net/sadbundle/13656848552175302391/html/images/ Frame C342 19 KB
19 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13656848552175302391/html/images/_img.jpg

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f21685ff824954078e67489f9dd25825c0ba002baff404ca61457288eb0061d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13656848552175302391/html/PromoIphone_TF-B-DF-1093_dis_160x600_es.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 16:56:45 GMT
date: Fri, 12 Jan 2024 16:56:45 GMT
x-content-type-options: nosniff
age: 85856
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18979
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 15:08:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 6556 0
0 58ms
58ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstUY8Oaqf97imviEAQnkmtfbrvOcuH_rOalLVVvnb1ioPCqmv94Wh3FfCmW1ymfZzrLLgDo7MueEGoJ75MgVP4j6ZN55BNKiUQYqgemxnGMvPy38yXZq0Rfvn719Xs_gBvRERXq6BY9pjCv7tEtv_oxOSbj_ELrtPy86XJRAuN7yZfc2y25V4BPuzGV-tUpv-6rWzDbnhm6g7fB5V-tNle9D_TukdTjMT1F0dhebKkK81MKPvUCeTyaCHGbApK-YSF1dNzOYVF8OrdPzHfIe0kgXmL1aoqx-DKYFEUTiNWd1dyiP078gsqIra4m8rNunavCnO_xPgRde_Y_fvhLNiAvzlLY7IF5Y89fmMQqrN1NmT01Nz_zjMT1k7tXMzXHos2lapKmRRgd8Qq8mF0o_Zm0jAhUb8zFD8pBtLg98A85EdRKxDdYklOWXMIPBOzRZcFRslTBcQFgIVmQ14TetOlPXo7kjMFyauuzYRi1KMnMBormxD3R1Ld56dLUUTzGOuwNmxwkv_8pVuRkpAaxyenftSawChWt-4g3VX2BOInkL0L15c6-MH_ORxvjPM6PicS2oT4XNHydoxfMKS2pNwMlgj4YQjtoFvgFkK3mQWgdAZZz2BagOe2l44EiZZ1oIUqh7qZKaOK2b5884aYFeRLnuJ908mMPlPfEi3Us0jJmcgRdE8AsqUuTvfNDFdAFYdhQ92owLi4Sy_L-oeoDBcwcFk7453QyakB23_-vBrLDMFKY5zklgyaFaAB4_vFytZAN4wZU0V7-zDSqcWqSEo5mri8p6GnjUMVeN6NdZKyNSkTOtuJHquYeItgkSThbW6_m_bPp76sa7qojMqr8n-6tBInWE3NHRlZQyq4gOkcIg1auXBCX5Nwtg_hnV1JnuM41Ptuin5B-g3Fj19IVW3ymhYY-L_isAcrphYmKn1ccINzCxX8OtHDcTtYUdIzZEZ96I2_4HL633c12J3QSs1JtuMc05nAP-u4id5-XfAVfFB90SUasTln8Ij5qwYutUoKp2JFonsgB_gTpD1PBE-ssGnfz8ZfN-5F__NMN31C1rp0ymdDN0rNZtZL__mkiosHMgE3b_xBuuXoTxU1k-W_3xgV5kBt4DbIsQiANCb1PcLyV8NDYR2v2lQLAI-hkSqhDoH15AsH-5wwTbqWjgSldROmPZQxfLYtCneuxb8BrZjj6VPJv5EoXBIU6bV9wGz-9yeXRFXF8WjLyBeo8ylCyLLqF5pMvVh0oQNeU59F0QHS_Ez4&sai=AMfl-YSFlO2hzRzi_I2FDYGMo5UvwKiQk3uQ80_bf10uwvgi_Qb7pNmPUN7ctqTzk82wJkFP3qlf_vNccnSjn4DqFRJDOmtjlINcLegy3mvs6x8vcBxebHJRL9wz6VdKnUrtGSyxgm07eq8bQpGw34WyNYkSVn332U89mA4ykceyj4Ilq3jpeqos5GKAatO3-PKFW3wD9k_hkeaz2HH4V523R3LSjdyKvt-bMSho6lmzpsp_pbtL11Xt4FS5UsIgj1wop81TEaZKJyr4DL2m3QDRbhs1bPMYH2qThtsFTYkzRaokznVbkqQwd3ckQU2QDzWh54QjgRHNhY_hScdXzlfzNGmu_tT6vpQ5vflcw6Aofy9I0u2UmSXpQqtlTY9zPStnAFXUfpNmmMMHGcIq4FO4HgCM25tEYVYMLPt3gOzbwlmHBjnLGTBdz8AFzXIXol88IULi0lgKDAbPeuM1KOqU9y4DYMnEL1keyqRVn0H6TXlALztDzVqBi0u_YVwHg4pRPupj&sig=Cg0ArKJSzK0S7Vhk42ldEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tYXBmcmUuZXM&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=456&vt=11&dtpt=305&dett=3&cstd=146&cisv=r20240109.88597&arae=0&ftch=1&adurl=

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C4DE 115 KB
14 KB 40ms
40ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kev8arm64d4j1xwez45c13hsgcgek1439thf500by7fyk5mgw7zkfpw7ggvft6r5r5wyk13n0n3dxmtzzkkjq9nwpnrdtf13a5yvztx6n86s6czb91x0p6f5yf2615xd5ne3rnp5rn38tyws978n5k748ftjq0026xgwzd4ye5hk7drnzq0fptc300qew3tpk1xxamsce22acct5k8nj1vqss7vvk2gafw77p7bphpew6mp3amf3edvttkg1jx9rxdwe7b7fbkpgseaackgg1ky6tcc74chnfcv0ebz7mkwe0g873g5a7ey8252avw3k0xt1tpr2aswja7qawqxs648j3p83q1649peefb1dhp15x64295a1pmy9qcxnq16q9dymzr11abxcyj9dmcr4fy81xctw7n3785srm1j4qcrg5qhf3ywnz0gb3hhxpp2vp75jebxx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%26client%3Dca-pub-5035092129732437%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kev8arm64d4j1xwez45c13hsgcgek1439thf500by7fyk5mgw7zkfpw7ggvft6r5r5wyk13n0n3dxmtzzkkjq9nwpnrdtf13a5yvztx6n86s6czb91x0p6f5yf2615xd5ne3rnp5rn38tyws978n5k748ftjq0026xgwzd4ye5hk7drnzq0fptc300qew3tpk1xxamsce22acct5k8nj1vqss7vvk2gafw77p7bphpew6mp3amf3edvttkg1jx9rxdwe7b7fbkpgseaackgg1ky6tcc74chnfcv0ebz7mkwe0g873g5a7ey8252avw3k0xt1tpr2aswja7qawqxs648j3p83q1649peefb1dhp15x64295a1pmy9qcxnq16q9dymzr11abxcyj9dmcr4fy81xctw7n3785srm1j4qcrg5qhf3ywnz0gb3hhxpp2vp75jebxx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%26client%3Dca-pub-5035092129732437%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291678
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OmyGQbbDECvooPLrt3qQqn6%2BS0LDuQtebaAE1D94HRr20E29s9rvb4LhUgeTuSIDN%2FLC08HIUTGTM%2F7bmbvgDuSJXegQb0KPtjUbP0CL2AyB%2F1zEhLlgB1ozj2UIZHuERR7hCynhtI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 844f1f5cc97e35e5-FRA
expires: Sun, 14 Jan 2024 16:47:41 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame C4DE 24 KB
10 KB 50ms
32ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kev8arm64d4j1xwez45c13hsgcgek1439thf500by7fyk5mgw7zkfpw7ggvft6r5r5wyk13n0n3dxmtzzkkjq9nwpnrdtf13a5yvztx6n86s6czb91x0p6f5yf2615xd5ne3rnp5rn38tyws978n5k748ftjq0026xgwzd4ye5hk7drnzq0fptc300qew3tpk1xxamsce22acct5k8nj1vqss7vvk2gafw77p7bphpew6mp3amf3edvttkg1jx9rxdwe7b7fbkpgseaackgg1ky6tcc74chnfcv0ebz7mkwe0g873g5a7ey8252avw3k0xt1tpr2aswja7qawqxs648j3p83q1649peefb1dhp15x64295a1pmy9qcxnq16q9dymzr11abxcyj9dmcr4fy81xctw7n3785srm1j4qcrg5qhf3ywnz0gb3hhxpp2vp75jebxx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%26client%3Dca-pub-5035092129732437%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 383205
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFI0id6DMiecUc0irT47d1HEGeHIuCLmFtcPeOJofWLLWz7K%2BdjX87mUq30LRN%2BpQYVXgEnV%2F1jvFKYw2iAu%2FOihvd6lgTE%2BY%2Btw4d4OgnpoadQEcp7hQJWqXiAIyz%2F4fY%2Bzkgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 844f1f5ce9a535e5-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 09 Jan 2024 06:20:55 GMT

GET
H3 200 img2.png
s0.2mdn.net/sadbundle/13656848552175302391/html/images/ Frame C342 13 KB
13 KB 32ms
32ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13656848552175302391/html/images/img2.png

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

878a1964e962f2a00955cd82ee91fae99e6a5b6dbf74f25e5bd126c5894bd291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13656848552175302391/html/PromoIphone_TF-B-DF-1093_dis_160x600_es.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 23:04:22 GMT
date: Fri, 12 Jan 2024 23:04:22 GMT
x-content-type-options: nosniff
age: 63799
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13538
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 15:08:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E09A 17 KB
6 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 16:47:41 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C4DE 350 B
907 B 106ms
39ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4681709
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDKudsa0gJ3%2BdSIRMPLLoj0GmH3Dxcnad1KLaRuDA0t50JjNSzbQwVVRnhRpKSl6FWfQRiCJNc2FPwrKPxQLXxrmZOe6PQ2BPeRLSsDTQeiVLcDWtVh16HoDOzKtGK54p0Z%2B2a37BihOU%2Femqx79oWvc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 844f1f5d9a5f19ad-FRA
expires: Tue, 19 Nov 2024 12:19:12 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame DADD 2 KB
2 KB 40ms
40ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1301373
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 844f1f5d2c6d71a9-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Sat, 13 Jan 2024 16:47:41 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdVkxpFQy8LysbcrEVSVMghtYAziy%2FS5m3TkNoZHK41z37VVhARdvqAoEF4q2%2FMaRl3NoTx2K%2FwiB%2Fnd2YQ91BRI3eCTpe3Md78s668oz%2Bf%2FfBBbFByJLZyA%2BrJUTkK5Mfu8Mz0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

counter
top-fwz1.mail.ru/ Frame D8E9
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=25562764819855.440635312732084&a=77&e=0100007FACBEA2653436EA04021A2749&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0100007FACBEA2653436EA04021A2749.syn...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1705164461777&i=25562764819855.440635312732084&a=77&e=0100007FACBEA2653436EA04021A2749&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:...
https://top-fwz1.mail.ru/counter?id=3210372;pid=AiCkr1gkkNKwKskFxXZQ

43 B
876 B

56ms
55ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=AiCkr1gkkNKwKskFxXZQ

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Sat, 13 Jan 2024 16:47:41 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=AiCkr1gkkNKwKskFxXZQ
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

counter
top-fwz1.mail.ru/ Frame D8E9
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=25562764819855.525970257700874&a=77&e=0100007FACBEA2653436EA04021A2749&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0100007FACBEA2653436EA04021A2749.syn...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1705164461773&i=25562764819855.525970257700874&a=77&e=0100007FACBEA2653436EA04021A2749&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:...
https://top-fwz1.mail.ru/counter?id=3210372;pid=qCZlRT9kkU0a5iOFp.-p

43 B
876 B

56ms
55ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=qCZlRT9kkU0a5iOFp.-p

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Sat, 13 Jan 2024 16:47:41 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=qCZlRT9kkU0a5iOFp.-p
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

POST
H3 200 rs Show response
ad4m.at/ Frame C4DE 2 KB
2 KB 47ms
46ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5e38d3fa62d4e16f6bc6b1253345f7a71402d9f3bcb78a341afb387c02e44ce

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkM5zv%2Bh813Dohxq7sL2PkZCsWSERD2W9sL375aPJZGZLBM95jLzZlEokz8YQH%2B7v6LjvU9QNSEEViiT7J%2FmLIodu5VZRBXoKuCo1nHlxug04573q6ZYXxJfENzU3zqJPuA7mv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 844f1f5ded882c18-FRA
x-backend-server: aa-reachservice-group-europe-west1-qpfr
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 74ms
50ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 844f1f5d9d212c18-FRA
content-length: 24
content-type: text/plain
date: Sat, 13 Jan 2024 16:47:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWGZ7n7A9%2BOiVqC1j293IB3KiNrBiy1DyHWzsFegyTeNk7ABdCdD93IKVJ2p8PUaMrJrSXjZAWJVWlxzWF99L71C1ooKCQLJFLnn2TNLWheaawQz7pQb0vb04a39D3iV7%2FvezlQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-qpfr

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AB2 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 16:19:44 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame DEEB 9 KB
4 KB 46ms
46ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=917968%2C919813%2C919812&b=XgrYuzfrfjwwzH6H4HetqtmrE6SQSkT5PDsRpK2%2CDZ17c3fwfgD8ja3HmH9t1tQxRTxSmTYr5U6qRK%2C9dk8UMfmfMPR4fKHBH2t7t3W7ku9SmTz28tK4Rj&f=e5k1U3fVf9BBgCjHZHet2C2G6JcwSQTKJktMP7D%2CdpkxsEfkf81ZetEHjHwtqC3ZdueS4T54Ese6XE%2C18QksbfKfX51Qh9HdH9tpCZQBGS2SKTGjwuG1je&c=728&d=90&e=&g=a283229e57e8c7434ba8f1e1ec695413%2F17678790889479843623&i=294559%2C28562%2C294560&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach67_Moda&r=1705164461767&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h197j2rcjnm2httekkjrdxtdkp213z9qfe3p08z3nmmq5k6nwhq4fyejgq6fwcwymtzqs68g6556t6acv6b6pkyb2a39eg0740jwpst2g63qck7x2g7rczky8zp8s1rmwmy3w61r3b0svr1v29qxr8yyqtnryczxmp0qwbbph8ttyjkpxs19xvcp39e36ejveafs35jz9kqxbktbckfwgtrk67s5znacc3zfwkzfbkbeg8ezfe76znjq8y54py1ta32wdjrfzt4t75wpm5ffrtxxm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%2526client%253Dca-pub-5035092129732437%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc240032a0a2a32565c9cc1c021928d1f719cb912bb744a9b1b7625b1470ba1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kev8arm64d4j1xwez45c13hsgcgek1439thf500by7fyk5mgw7zkfpw7ggvft6r5r5wyk13n0n3dxmtzzkkjq9nwpnrdtf13a5yvztx6n86s6czb91x0p6f5yf2615xd5ne3rnp5rn38tyws978n5k748ftjq0026xgwzd4ye5hk7drnzq0fptc300qew3tpk1xxamsce22acct5k8nj1vqss7vvk2gafw77p7bphpew6mp3amf3edvttkg1jx9rxdwe7b7fbkpgseaackgg1ky6tcc74chnfcv0ebz7mkwe0g873g5a7ey8252avw3k0xt1tpr2aswja7qawqxs648j3p83q1649peefb1dhp15x64295a1pmy9qcxnq16q9dymzr11abxcyj9dmcr4fy81xctw7n3785srm1j4qcrg5qhf3ywnz0gb3hhxpp2vp75jebxx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%26client%3Dca-pub-5035092129732437%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 844f1f5e3dd871a9-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:47:41 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame DEEB 115 KB
14 KB 39ms
39ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=917968%2C919813%2C919812&b=XgrYuzfrfjwwzH6H4HetqtmrE6SQSkT5PDsRpK2%2CDZ17c3fwfgD8ja3HmH9t1tQxRTxSmTYr5U6qRK%2C9dk8UMfmfMPR4fKHBH2t7t3W7ku9SmTz28tK4Rj&f=e5k1U3fVf9BBgCjHZHet2C2G6JcwSQTKJktMP7D%2CdpkxsEfkf81ZetEHjHwtqC3ZdueS4T54Ese6XE%2C18QksbfKfX51Qh9HdH9tpCZQBGS2SKTGjwuG1je&c=728&d=90&e=&g=a283229e57e8c7434ba8f1e1ec695413%2F17678790889479843623&i=294559%2C28562%2C294560&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach67_Moda&r=1705164461767&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h197j2rcjnm2httekkjrdxtdkp213z9qfe3p08z3nmmq5k6nwhq4fyejgq6fwcwymtzqs68g6556t6acv6b6pkyb2a39eg0740jwpst2g63qck7x2g7rczky8zp8s1rmwmy3w61r3b0svr1v29qxr8yyqtnryczxmp0qwbbph8ttyjkpxs19xvcp39e36ejveafs35jz9kqxbktbckfwgtrk67s5znacc3zfwkzfbkbeg8ezfe76znjq8y54py1ta32wdjrfzt4t75wpm5ffrtxxm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%2526client%253Dca-pub-5035092129732437%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=917968%2C919813%2C919812&b=XgrYuzfrfjwwzH6H4HetqtmrE6SQSkT5PDsRpK2%2CDZ17c3fwfgD8ja3HmH9t1tQxRTxSmTYr5U6qRK%2C9dk8UMfmfMPR4fKHBH2t7t3W7ku9SmTz28tK4Rj&f=e5k1U3fVf9BBgCjHZHet2C2G6JcwSQTKJktMP7D%2CdpkxsEfkf81ZetEHjHwtqC3ZdueS4T54Ese6XE%2C18QksbfKfX51Qh9HdH9tpCZQBGS2SKTGjwuG1je&c=728&d=90&e=&g=a283229e57e8c7434ba8f1e1ec695413%2F17678790889479843623&i=294559%2C28562%2C294560&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach67_Moda&r=1705164461767&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h197j2rcjnm2httekkjrdxtdkp213z9qfe3p08z3nmmq5k6nwhq4fyejgq6fwcwymtzqs68g6556t6acv6b6pkyb2a39eg0740jwpst2g63qck7x2g7rczky8zp8s1rmwmy3w61r3b0svr1v29qxr8yyqtnryczxmp0qwbbph8ttyjkpxs19xvcp39e36ejveafs35jz9kqxbktbckfwgtrk67s5znacc3zfwkzfbkbeg8ezfe76znjq8y54py1ta32wdjrfzt4t75wpm5ffrtxxm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%2526client%253Dca-pub-5035092129732437%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291678
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cz%2FkhdwrpT9%2BAbB1QpTbaY3o8K0qL2zmkOJo6XfPNRvGMRJXefMCii09qDFDiHoE8LomSsifj5L5GiTI3HR82hi2Biassha2sx8sgK74Pyvcg2LFmf%2BmnhIbUvN226Uk19nvSys9odw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 844f1f5e8e4071a9-FRA
expires: Sun, 14 Jan 2024 16:47:41 GMT

GET
H2 200 5AA0D4B54113B78EF3BDFD9BA06AB5E856DFF535FBBD4D20F90234A1A8457B1113CB5F580DD27343B4482E10ADB6B815C8D8F603538320A8E6433ABCBC4BFB59
assets.ad4m.at/logo/ Frame DEEB 6 KB
7 KB 55ms
37ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/5AA0D4B54113B78EF3BDFD9BA06AB5E856DFF535FBBD4D20F90234A1A8457B1113CB5F580DD27343B4482E10ADB6B815C8D8F603538320A8E6433ABCBC4BFB59
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=917968%2C919813%2C919812&b=XgrYuzfrfjwwzH6H4HetqtmrE6SQSkT5PDsRpK2%2CDZ17c3fwfgD8ja3HmH9t1tQxRTxSmTYr5U6qRK%2C9dk8UMfmfMPR4fKHBH2t7t3W7ku9SmTz28tK4Rj&f=e5k1U3fVf9BBgCjHZHet2C2G6JcwSQTKJktMP7D%2CdpkxsEfkf81ZetEHjHwtqC3ZdueS4T54Ese6XE%2C18QksbfKfX51Qh9HdH9tpCZQBGS2SKTGjwuG1je&c=728&d=90&e=&g=a283229e57e8c7434ba8f1e1ec695413%2F17678790889479843623&i=294559%2C28562%2C294560&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach67_Moda&r=1705164461767&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h197j2rcjnm2httekkjrdxtdkp213z9qfe3p08z3nmmq5k6nwhq4fyejgq6fwcwymtzqs68g6556t6acv6b6pkyb2a39eg0740jwpst2g63qck7x2g7rczky8zp8s1rmwmy3w61r3b0svr1v29qxr8yyqtnryczxmp0qwbbph8ttyjkpxs19xvcp39e36ejveafs35jz9kqxbktbckfwgtrk67s5znacc3zfwkzfbkbeg8ezfe76znjq8y54py1ta32wdjrfzt4t75wpm5ffrtxxm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%2526client%253Dca-pub-5035092129732437%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16335f044269bc224734879f40d924500cd2867977275c6cf36efb28be66c16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3105138
cf-polished: qual=85, origFmt=jpeg, origSize=16534
alt-svc: h3=":443"; ma=86400
content-length: 6254
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 14:20:41 GMT
server: cloudflare
etag: "8f1aa83cb6b1b56f04b496fb089e1aa0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cexFURRUa0TW4q3E1om5XCRF63z5SqNoIXKrePDuYxhcsbEkVH6cp11yLWzRARhzwPp5kMg%2FGpM9DAD1KJ8v7eMcp%2Bmeyp2qQkeWyqS1z0ekJhPHwUI3Wn9dCrtd89ibNuXXiHEu8KCsiYmL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 844f1f5eab7d35e5-FRA

GET
H2 200 F726CA57A90D5E66E02C2E6486A30F031249E719622488B19E13E024AEC30A4FF464D1098129686E7A95D79A8C97BF8E9BF1D3C3D14880CFAEBDF62B72BFD1CC
assets.ad4m.at/ Frame DEEB 19 KB
20 KB 72ms
54ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F726CA57A90D5E66E02C2E6486A30F031249E719622488B19E13E024AEC30A4FF464D1098129686E7A95D79A8C97BF8E9BF1D3C3D14880CFAEBDF62B72BFD1CC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=917968%2C919813%2C919812&b=XgrYuzfrfjwwzH6H4HetqtmrE6SQSkT5PDsRpK2%2CDZ17c3fwfgD8ja3HmH9t1tQxRTxSmTYr5U6qRK%2C9dk8UMfmfMPR4fKHBH2t7t3W7ku9SmTz28tK4Rj&f=e5k1U3fVf9BBgCjHZHet2C2G6JcwSQTKJktMP7D%2CdpkxsEfkf81ZetEHjHwtqC3ZdueS4T54Ese6XE%2C18QksbfKfX51Qh9HdH9tpCZQBGS2SKTGjwuG1je&c=728&d=90&e=&g=a283229e57e8c7434ba8f1e1ec695413%2F17678790889479843623&i=294559%2C28562%2C294560&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach67_Moda&r=1705164461767&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h197j2rcjnm2httekkjrdxtdkp213z9qfe3p08z3nmmq5k6nwhq4fyejgq6fwcwymtzqs68g6556t6acv6b6pkyb2a39eg0740jwpst2g63qck7x2g7rczky8zp8s1rmwmy3w61r3b0svr1v29qxr8yyqtnryczxmp0qwbbph8ttyjkpxs19xvcp39e36ejveafs35jz9kqxbktbckfwgtrk67s5znacc3zfwkzfbkbeg8ezfe76znjq8y54py1ta32wdjrfzt4t75wpm5ffrtxxm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%2526client%253Dca-pub-5035092129732437%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ad4be07198ebf5e195932b487b9b56a49a958d935b7e22ff2f5bfc7c7f5459

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177418
cf-polished: qual=85, origFmt=jpeg, origSize=23802
alt-svc: h3=":443"; ma=86400
content-length: 19814
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 22:18:04 GMT
server: cloudflare
etag: "f4096228e8d3208abc0110563e034737"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzCaakPBFgkKjIZxZkV413SpqUu91IS%2F%2F8mdAeZf2wXReSIMib82TnhCbVk51BprrRr6XTVkWqvaqXVXGOGHhXqblxONskMhH1BHuuLaQspDhCWXp7QlnyYCYkPAbq6IQ7HtF4ia3uxPbM24"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 844f1f5eab8835e5-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame DEEB 43 B
702 B 98ms
61ms Image
image/gif 23.197.149.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3273948&v=19801&q=390844&r=137680&pv=1&pref3=oneidXgrYuzfrfjwwzH6H4HetqtmrE6SQSkT5PDsRpK2oneid__suite_Netmix_Reach67_Moda&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=917968%2C919813%2C919812&b=XgrYuzfrfjwwzH6H4HetqtmrE6SQSkT5PDsRpK2%2CDZ17c3fwfgD8ja3HmH9t1tQxRTxSmTYr5U6qRK%2C9dk8UMfmfMPR4fKHBH2t7t3W7ku9SmTz28tK4Rj&f=e5k1U3fVf9BBgCjHZHet2C2G6JcwSQTKJktMP7D%2CdpkxsEfkf81ZetEHjHwtqC3ZdueS4T54Ese6XE%2C18QksbfKfX51Qh9HdH9tpCZQBGS2SKTGjwuG1je&c=728&d=90&e=&g=a283229e57e8c7434ba8f1e1ec695413%2F17678790889479843623&i=294559%2C28562%2C294560&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach67_Moda&r=1705164461767&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h197j2rcjnm2httekkjrdxtdkp213z9qfe3p08z3nmmq5k6nwhq4fyejgq6fwcwymtzqs68g6556t6acv6b6pkyb2a39eg0740jwpst2g63qck7x2g7rczky8zp8s1rmwmy3w61r3b0svr1v29qxr8yyqtnryczxmp0qwbbph8ttyjkpxs19xvcp39e36ejveafs35jz9kqxbktbckfwgtrk67s5znacc3zfwkzfbkbeg8ezfe76znjq8y54py1ta32wdjrfzt4t75wpm5ffrtxxm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%2526client%253Dca-pub-5035092129732437%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.197.149.186 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-149-186.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jan 2024 16:47:41 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 92787BC7AC57EA2E14046766A9876944D80F6C73CCB39A2254EBEBC2640A61AF56216506CAE74B20AE21509FE1DAB21FB25179DB444487C52C9B45E31F0A82DA
assets.ad4m.at/logo/ Frame DEEB 6 KB
6 KB 49ms
32ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/92787BC7AC57EA2E14046766A9876944D80F6C73CCB39A2254EBEBC2640A61AF56216506CAE74B20AE21509FE1DAB21FB25179DB444487C52C9B45E31F0A82DA
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=917968%2C919813%2C919812&b=XgrYuzfrfjwwzH6H4HetqtmrE6SQSkT5PDsRpK2%2CDZ17c3fwfgD8ja3HmH9t1tQxRTxSmTYr5U6qRK%2C9dk8UMfmfMPR4fKHBH2t7t3W7ku9SmTz28tK4Rj&f=e5k1U3fVf9BBgCjHZHet2C2G6JcwSQTKJktMP7D%2CdpkxsEfkf81ZetEHjHwtqC3ZdueS4T54Ese6XE%2C18QksbfKfX51Qh9HdH9tpCZQBGS2SKTGjwuG1je&c=728&d=90&e=&g=a283229e57e8c7434ba8f1e1ec695413%2F17678790889479843623&i=294559%2C28562%2C294560&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach67_Moda&r=1705164461767&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h197j2rcjnm2httekkjrdxtdkp213z9qfe3p08z3nmmq5k6nwhq4fyejgq6fwcwymtzqs68g6556t6acv6b6pkyb2a39eg0740jwpst2g63qck7x2g7rczky8zp8s1rmwmy3w61r3b0svr1v29qxr8yyqtnryczxmp0qwbbph8ttyjkpxs19xvcp39e36ejveafs35jz9kqxbktbckfwgtrk67s5znacc3zfwkzfbkbeg8ezfe76znjq8y54py1ta32wdjrfzt4t75wpm5ffrtxxm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%2526client%253Dca-pub-5035092129732437%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b92e859ef152d5b105783e68f25b3474b519bb44b5a3302a36e1faf6fd34463a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88912
cf-polished: qual=85, origFmt=jpeg, origSize=16159
alt-svc: h3=":443"; ma=86400
content-length: 5826
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 08:57:03 GMT
server: cloudflare
etag: "0ad103b2229a40421d0556155644eb10"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwabyMjQ2fOdJCP2TQyJp1sr2xoXqcU8J4YwjVchJu5bIBKquVQZ7OpY7H1r%2BXdZEEcYbq1CF%2Fwd81ZnL0ePCxQM7ZzaCrUzVnf5Q38LIob5M4LYQf2K0bFiTVwnOPyuEdUW3G6P%2Fg1bI9%2FS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 844f1f5eab8235e5-FRA

GET
H2 200 0F81DA5DD3C1151FFAC6311F8DDAA2F2C18369EF17F579F83871FF503E880F628F640430F2718023FE625D3033A28EE2D7D6001547C4152D0201BF42658D2E18
assets.ad4m.at/ Frame DEEB 41 KB
42 KB 55ms
37ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/0F81DA5DD3C1151FFAC6311F8DDAA2F2C18369EF17F579F83871FF503E880F628F640430F2718023FE625D3033A28EE2D7D6001547C4152D0201BF42658D2E18
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=917968%2C919813%2C919812&b=XgrYuzfrfjwwzH6H4HetqtmrE6SQSkT5PDsRpK2%2CDZ17c3fwfgD8ja3HmH9t1tQxRTxSmTYr5U6qRK%2C9dk8UMfmfMPR4fKHBH2t7t3W7ku9SmTz28tK4Rj&f=e5k1U3fVf9BBgCjHZHet2C2G6JcwSQTKJktMP7D%2CdpkxsEfkf81ZetEHjHwtqC3ZdueS4T54Ese6XE%2C18QksbfKfX51Qh9HdH9tpCZQBGS2SKTGjwuG1je&c=728&d=90&e=&g=a283229e57e8c7434ba8f1e1ec695413%2F17678790889479843623&i=294559%2C28562%2C294560&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach67_Moda&r=1705164461767&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h197j2rcjnm2httekkjrdxtdkp213z9qfe3p08z3nmmq5k6nwhq4fyejgq6fwcwymtzqs68g6556t6acv6b6pkyb2a39eg0740jwpst2g63qck7x2g7rczky8zp8s1rmwmy3w61r3b0svr1v29qxr8yyqtnryczxmp0qwbbph8ttyjkpxs19xvcp39e36ejveafs35jz9kqxbktbckfwgtrk67s5znacc3zfwkzfbkbeg8ezfe76znjq8y54py1ta32wdjrfzt4t75wpm5ffrtxxm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%2526client%253Dca-pub-5035092129732437%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edc4b27fb965d75c182c0353466b30696adb23bc9541df6e0e6ddda3692c2ad8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 188754
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 42458
cf-bgj: imgq:85,h2pri
last-modified: Thu, 11 Jan 2024 12:15:21 GMT
server: cloudflare
etag: "f8856138f7c4e1ec8caf2f6fecfe9f8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUW4Q45gxixbUNdCO%2FOUMGmu4Mrb5Epq5yFC%2BHXebZVbXhu3XT4IssvPZUWkVO4YtJUMOHUwDXXGfsqsz3POHxfmG6rBEV%2FBXlYneScxNAYgfNr0TfxrZBnJCcrrYBwPZ2IHnUYyhx0fym4V"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 844f1f5eab8535e5-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame DEEB 43 B
702 B 82ms
45ms Image
image/gif 23.197.149.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3496492&v=18295&q=377319&r=137680&pv=1&pref3=oneidDZ17c3fwfgD8ja3HmH9t1tQxRTxSmTYr5U6qRKoneid__suite_Netmix_Reach67_Moda&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.197.149.186 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-149-186.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jan 2024 16:47:41 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 731130A0D253C988AA0F18C210E0E9B1DA4AFFC560E39A010A5AB2DCCBF52C69453C402CB6AB8263FC16CBF99434A68F423E22BEC1EBC5336E0BA7F6DFA9C72D
assets.ad4m.at/logo/ Frame DEEB 3 KB
4 KB 50ms
33ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/731130A0D253C988AA0F18C210E0E9B1DA4AFFC560E39A010A5AB2DCCBF52C69453C402CB6AB8263FC16CBF99434A68F423E22BEC1EBC5336E0BA7F6DFA9C72D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=917968%2C919813%2C919812&b=XgrYuzfrfjwwzH6H4HetqtmrE6SQSkT5PDsRpK2%2CDZ17c3fwfgD8ja3HmH9t1tQxRTxSmTYr5U6qRK%2C9dk8UMfmfMPR4fKHBH2t7t3W7ku9SmTz28tK4Rj&f=e5k1U3fVf9BBgCjHZHet2C2G6JcwSQTKJktMP7D%2CdpkxsEfkf81ZetEHjHwtqC3ZdueS4T54Ese6XE%2C18QksbfKfX51Qh9HdH9tpCZQBGS2SKTGjwuG1je&c=728&d=90&e=&g=a283229e57e8c7434ba8f1e1ec695413%2F17678790889479843623&i=294559%2C28562%2C294560&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach67_Moda&r=1705164461767&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h197j2rcjnm2httekkjrdxtdkp213z9qfe3p08z3nmmq5k6nwhq4fyejgq6fwcwymtzqs68g6556t6acv6b6pkyb2a39eg0740jwpst2g63qck7x2g7rczky8zp8s1rmwmy3w61r3b0svr1v29qxr8yyqtnryczxmp0qwbbph8ttyjkpxs19xvcp39e36ejveafs35jz9kqxbktbckfwgtrk67s5znacc3zfwkzfbkbeg8ezfe76znjq8y54py1ta32wdjrfzt4t75wpm5ffrtxxm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%2526client%253Dca-pub-5035092129732437%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c341dc7b20778b50fc70347f302e9e3882e90c1a1ebfe4e0b5f350c529a0be5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2053949
cf-polished: qual=85, origFmt=jpeg, origSize=11121
alt-svc: h3=":443"; ma=86400
content-length: 3338
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 08:51:47 GMT
server: cloudflare
etag: "624511a5785f7ee20ec2d29d85087764"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uQqpAOl%2FpI659iYh3IxSQrP2V%2BoS2f9w5I4ZIj%2B1jOL42azcqBBgUKs9qLdLOwugi8FtAM7pLDjiMAVah%2F10e%2F9wDNfh0mjIqbAUb7u7ZlSx98AutZIpHbH0AWZMRRkv0LBTBzPXXt%2BWcxI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 844f1f5eab8635e5-FRA

GET
H2 200 E1330436319EA8B818CF368962077562F686F89EAF35B2332ED2EEB285388869DBD2FA8ABC7E567A28409C887F0490C8FDBC5D4AC5252CB157AD33FDE031E5A1
assets.ad4m.at/ Frame DEEB 31 KB
31 KB 50ms
34ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1330436319EA8B818CF368962077562F686F89EAF35B2332ED2EEB285388869DBD2FA8ABC7E567A28409C887F0490C8FDBC5D4AC5252CB157AD33FDE031E5A1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=917968%2C919813%2C919812&b=XgrYuzfrfjwwzH6H4HetqtmrE6SQSkT5PDsRpK2%2CDZ17c3fwfgD8ja3HmH9t1tQxRTxSmTYr5U6qRK%2C9dk8UMfmfMPR4fKHBH2t7t3W7ku9SmTz28tK4Rj&f=e5k1U3fVf9BBgCjHZHet2C2G6JcwSQTKJktMP7D%2CdpkxsEfkf81ZetEHjHwtqC3ZdueS4T54Ese6XE%2C18QksbfKfX51Qh9HdH9tpCZQBGS2SKTGjwuG1je&c=728&d=90&e=&g=a283229e57e8c7434ba8f1e1ec695413%2F17678790889479843623&i=294559%2C28562%2C294560&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach67_Moda&r=1705164461767&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h197j2rcjnm2httekkjrdxtdkp213z9qfe3p08z3nmmq5k6nwhq4fyejgq6fwcwymtzqs68g6556t6acv6b6pkyb2a39eg0740jwpst2g63qck7x2g7rczky8zp8s1rmwmy3w61r3b0svr1v29qxr8yyqtnryczxmp0qwbbph8ttyjkpxs19xvcp39e36ejveafs35jz9kqxbktbckfwgtrk67s5znacc3zfwkzfbkbeg8ezfe76znjq8y54py1ta32wdjrfzt4t75wpm5ffrtxxm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg601rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTQAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cRk6CF-KO4rPQgVjFZ-wty5MPPrvHE4XrRyXZ6m4fBns5XXxPn4B_KHiABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2JfbPWEin6eF9Ugkk5ND32TgoQGA%2526client%253Dca-pub-5035092129732437%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9346f974182d74bbb8b7a74a5d6c063d11bdb08cf19f44a5347e2d10c91a86af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 188754
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 31470
cf-bgj: imgq:85,h2pri
last-modified: Thu, 11 Jan 2024 12:19:09 GMT
server: cloudflare
etag: "3128bfcea6d876f7e72bd7bc2049c699"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyPjK%2B4dlhinnHoSGpZyATtuYUhgEHtGg22Hgqkxwz%2BVwyj43k1nsW8NVlwsB9tdWuGkliOgdyBhPVkfAcxxvUlvUsqZ%2BQujOQpQaOzr5Gdw9pBRKvj0ag8rslMMHufZiW%2F8eTWmY6vzCEv7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 844f1f5eab8935e5-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame DEEB 43 B
702 B 90ms
53ms Image
image/gif 23.197.149.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3498061&v=19803&q=390801&r=137680&pv=1&pref3=oneid9dk8UMfmfMPR4fKHBH2t7t3W7ku9SmTz28tK4Rjoneid__suite_Netmix_Reach67_Moda&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.197.149.186 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-149-186.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jan 2024 16:47:41 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 60035857_20230607030437043_coche_white.svg
s0.2mdn.net/ads/richmedia/studio/60035857/ Frame E09A 2 KB
801 B 33ms
32ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60035857/60035857_20230607030437043_coche_white.svg

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e6c953ef6e2baf479917190c1f06ef5ea55414630d6901d9b8291c7ed13521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18221096529761682194/index.html?e=69&leftOffset=0&topOffset=0&c=o7dSnXVbpg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 08:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 773
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 10:04:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Jan 2024 08:13:03 GMT

GET
H3 200 60035857_20230606030030477_logo_MAPFFRE_White.png
s0.2mdn.net/ads/richmedia/studio/60035857/ Frame E09A 10 KB
10 KB 34ms
33ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60035857/60035857_20230606030030477_logo_MAPFFRE_White.png

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f330fc97f10232f374a69c767063a5c1128ee61ffbe7ce086350cb03e82622e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18221096529761682194/index.html?e=69&leftOffset=0&topOffset=0&c=o7dSnXVbpg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:38:23 GMT
x-content-type-options: nosniff
age: 32959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9982
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 10:00:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Jan 2024 07:38:23 GMT

GET
H3 200 60035857_20230605021215046_competencia_728x90.jpg
s0.2mdn.net/ads/richmedia/studio/60035857/ Frame E09A 67 KB
67 KB 34ms
34ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60035857/60035857_20230605021215046_competencia_728x90.jpg

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a746a7f9863af1b7b43f77aace35803ccdbf2d8a55d8cebc5ce93f7d4e2337df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18221096529761682194/index.html?e=69&leftOffset=0&topOffset=0&c=o7dSnXVbpg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:29:52 GMT
x-content-type-options: nosniff
age: 19070
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68201
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:12:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Jan 2024 11:29:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9B0C 0
19 B 65ms
64ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaTw8rb6iZbKYBZ3fn88Pn4yH0APi0rL2YcexjoqOCMCNtwEQASAAYNUFggEXY2EtcHViLTUwMzUwOTIxMjk3MzI0MzfIAQmpApxeTIt2X7I-qAMByAMCqgTNAU_Q7SSYgJyd5xNadwPgC5Gn7_TWnMqze1TNcY3US2fxT-sqBNjuqvUHDl4FmbAY07-uHaR9hnHe7JAP94NOZcaSMLgz6024-fY-F5Ac_PvblIK8iZsleXjqaG-xz28yWi2jlTWHseLYqBANP-VXxsooLhWpA0dgfyXVrM82twH12RkNqzNcEu7qlLR6BuEI_2-oUAWeAIupkEiYH3TsQ0p52v-iXd7cBEyjhTV3ZfMYBkQNxozuQtcUNBbNPZ1imZy5Ke32F1chiKDQ30iABsu76OOYwJ_QXqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliV5-3P6NqDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MDM1MDkyMTI5NzMyNDM3GAA&sigh=-L8putb3S4A&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_PzPvsIdUvcJFKM5ux7nJnk2uKICu_hsTsINvy47TB84J_Sf95avugw5Hj7jheNludN9KFognWxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705164460&rafmt=1&to=qs&pwprc=9553686225&format=1200x90&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705164460981&bpp=1&bdt=1359&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280%2C551x280&nras=4&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1400&ady=4540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 Jan 2024 16:47:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 9B0C 0
103 B 75ms
25ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jg9ed3ncsg2t6fscm6kwt69hydnabz2wxd7tvc7qdx825xd8a0zqk3k36c7j0ka6jcbgy70a0889jr58nf1k1y5k5rffex4ps3xad3bwfk43ked766tbwgsa0vj76tsa2gh4zkg9ynry6znm496e7wzme770yhefw1sbr1kz7wh27qbz6cjrky90029yhybjjm8gzq4g6y3n14xqzj7xy7edc4evgmfv90y7w52ahpm7cgzhcfmev85p39ydsyez8pwq63qgk12dszp2ehfdhk01t9nnwwg8fp5yzfp3vmvexfyzz7terdsb2za1g417vwzgbd9fyvjt25xv7qsd6vkgyhcjc17b4j8hnddpy5znf0z1cq1wrj10whn6mdvg7fbkc6aqp90ghpc&b=ZaK-rQABTDID5--dAAHGH_t91Gf4ptmUJOPekA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705164460&rafmt=1&to=qs&pwprc=9553686225&format=1200x90&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705164460981&bpp=1&bdt=1359&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280%2C551x280&nras=4&correlator=6926956670417&frm=20&pv=1&ga_vid=1601038523.1705164460&ga_sid=1705164460&ga_hid=1004731934&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1400&ady=4540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079980%2C31080261%2C42531706%2C95321901%2C95320892&oid=2&pvsid=226930247732379&tmod=19279818&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 13 Jan 2024 16:47:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A3B2 50 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 14:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19695
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 14:33:09 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C100 42 B
64 B 85ms
84ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8_B1NzmTD1X0vNab5I7yIXWhxFAOT1Je0KqKstt6JrHjr-IY7wFhdsZJ4KLnyB73DuBvF8uEZXHpWkxWONscSXI3mZ41i6IIM8pdDrkjyvfDyx_R_SSzVuzrHM_lOlubd1whIoMTHLjE-agsFHzopL_Xl&sai=AMfl-YQIQsQdlzVvIjdm0QmM20KgsXYtLLLFLt-_tHtLOYL0pKF49RPUMZcoxP3lrAlV4M0ysQNhvKPhfsQfW8Y_5nnUI0Axvcm4IkX_BWTzC26B4OxmAgXgBVJ7L21wkqOTiriQ1mtV2_KKKXUP-cV2&sig=Cg0ArKJSzGxA_MahAOylEAE&cid=CAQSTgAvHhf_6PSVOAb0EK4_flqsQHn1D_yUjVvnsToPqPDvkakXspvLZJzOxrXVG7pL3lniyN0KmYDBvZfpccu29A0riKxPMeh4VLfh25i56BgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=941,1000,1000,1000,1000&tos=941,59,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1460880071&rs=2&la=0&cr=0&vs=4&r=v&rst=1705164460195&rpt=1021&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C100 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIrBtVIgtM5GEVFSmSEaHPUEGjCcSyUlFH9wvvdV08FaP78xloTNzHI7lJnB49v-3Q9MKb0j-UUtABoJty3TVqRZeHpOH4DSfhH9KCq6D7PRFL1pm9Uni3bP5u&sig=Cg0ArKJSzCFDcxeCAhdiEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=356101038&rs=6&la=0&cr=0&vs=4&r=v&rst=1705164460195&rpt=1177&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C100 0
20 B 76ms
76ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2127946366140&version=m202309260101&ct=77&x=1&cor=1139771926066145400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6556 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQbKoehsBGqG7kkcmj9EU9x9ruBZh_Ezwe1TWovWWbZvx57Gt18J6CWaG0DOKx3QoYaZEmKrby5trMAP5U6yV-YHNI9PBvOR3e8i-dnSBHGswJpSBFR98CKehyJflzoUfyTJ1zqqzJlxqXnQm_pfRPyi69&sai=AMfl-YR6R840_JNbdlQCYfvZBskeP38csuoHXhUX02fqZd9Um2cc8tlRNJVVhV2-bIkcDnnEGBIkYbSmeUEpFeKh9LTuSZZVDNF9GTw_engnqcbiXRAlzDKB53D9dzdR2FRwt_6CdOpBa9VK4rxur1iG&sig=Cg0ArKJSzAE-WN-ysr1GEAE&cid=CAQSTgAvHhf_SJgAqwGuWfYoQ6e_gm4VkWyz9gB5efm9mY4gTzoZNjQYCdCtqF6Cp5kV_yQyQyFfgyu0AnzJoKMgjIolmo7IQPQrZLJ2en1vpRgB&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1705164461026&rpt=1085&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 60ms
59ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.7.0&uid=7efe1859-882a-41ca-976f-102f3d606c7b&dp=14&tz=%2B01%3A00&nc=524391&dT=2024-01-13T17%3A47%3A43.463
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 13 Jan 2024 16:47:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 76ms
76ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d1c7fa88b88d3f705e85a5e805eb6b3543a7e480b84cbaead60389c4bb70b4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12535
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 16:47:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D147 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1681
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:19:43 GMT
expires: Sun, 12 Jan 2025 16:19:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4198 829 B
999 B 31ms
30ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40880265c1ba50bcfa276d847b28d0fd3c1780da048e3b2299c6da193cd3c323

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M-37PJHUAj2T-8lG44Yw3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-M-37PJHUAj2T-8lG44Yw3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:47:44 GMT
expires: Sat, 13 Jan 2024 16:47:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame D147 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 16:19:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4198 0
0 55ms
55ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=226930247732379&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D147 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8ly-dg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:47:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=226930247732379&bg=!V1SlVBvNAAaumcC-jpk7ADQBe5WfON4RdeRjP5jF8sThaKacDLQM90RpF2ZInBLLOpS8WGEnUyvg5KMT0xPP6dD10K9LAgAAADdSAAAAAmgBB5kCucWBVfwUAwm7UEsQK-SuvUSuNHkiOWTeIDD5QadJxAbazlVY9DYYgGNcwCgF33tMyVjx_4D7MQMOqtHq6ysR_Yacx1itymGtCWqILpqg_NPpU5pZh4GQFdm7U4GbeMaeLGn9MzXWhoYmm9P0luWfTTnnYsImxRLrgskp7OkB7YR6iAO1bPdmawoHCDyam4JKd_LT1dPWZlBMyRZ_2_TKCwqlJzuas5o3hdCUSgtUyr3Jdx_FBETTnY1A2Gqto76DY_-xKyYkpzKDomwF4-WEaibWlBkvmfLKiP6EphZheN6Ra7pLqGfyK-Jrqotqv1E_Xot90fFfPLzqD4xmvoClxvOnjtC0vvMbRBx4wk9fqCLyxWrLad5Wb6ckHCD6ry3N_dQVu__Cf7OMhA7ZRO01yfVElxN5khrNqzyNodUaPlqmULkzj449rJB2IMWt4JG4-_d9Z5qltlpYCLmrNHI04czwlK2OOlZ_WQB25rxmjwPIx7MvACEdu9Ntf9gDMfereDGiYNb7koZ4zLjXK35s4CvpMsMLkAMsDiFV4h7KlJfD4aMGBWsmqV22-OWxcm4SZTy45g15EswGyQLP6TGUiPtTfL-h9-irP5jjWT5qnAoT6DatIJHk8kVYPijwXTWaji1N97Ks-QPLw28oKhNePxY0jKIK5FHbbzruqQUkLuJfghviaCVUtAndVdb2J33nTMB-YY7xxDCHmfGchnUupaKQ_0QmcGWPbaJrBpxO0SBM1FeHznuqL8bBmqeCqfS0SNg7lf1PBa7TgnMZA1kN_IS7Pj3_B49IgDcXGlfPo2w7o-ajs0Af0T-T49CgXt0tMm61dQ1dwsAcDszScZjIUZM_u2RPhtnEGCy23Hizd3wPyuHzC2Mr5mS1tfWU2Pc1l2cFUAn21pQoCAM8SnOFqBBikjGRJlZVCc4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

133 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 18:22:36	Name: userId Value: NG9N2pBk13eHsf6F9WzQijprI2O7qWnf
kimberlite.io/rtb/sync	1970-01-20 17:49:29	Name: as Value: OFrH4WWivq35atR4ZaK-rQ
.rambler.ru/	1970-01-21 03:15:24	Name: ruid Value: 1CIAAKy+omWJGdh/AVwKMgB=
.paladiny.ru/	1970-01-21 02:25:00	Name: adtech_uid Value: 4df32a7c-3bc0-48aa-bc75-14f6c9305d5e%3Apaladiny.ru
.paladiny.ru/	1970-01-21 02:25:00	Name: top100_id Value: t1.1449916.710798782.1705164460228
.paladiny.ru/	1970-01-21 02:25:00	Name: t3_sid_1449916 Value: s1.427201643.1705164460229.1705164460229.1.1
.paladiny.ru/	1970-01-21 03:15:24	Name: last_visit Value: 1705160860229%3A%3A1705164460229
.acint.net/	1970-01-21 03:15:24	Name: aid Value: fwAAAWWivqwE6jY0SScaAgZn/Q686xgrUVyHacoACmmInrvi
www.paladiny.ru/	1970-01-21 03:15:24	Name: fid Value: dc0c3e3c-7e05-4750-b0b9-a65687003452
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp14v6 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp17v2 Value: 1705164460
.acint.net/	1970-01-20 17:40:50	Name: cSyncDp45v5 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp53v5 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp62v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp67v3 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp68v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp71v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp80v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp85v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp95v4 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp98v3 Value: 1705164460
.acint.net/	1970-01-20 17:59:34	Name: cSyncDp104v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp107v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp110v3 Value: 1705164460
.acint.net/	1970-01-20 18:01:00	Name: cSyncDp125v4 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp126v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp127v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp129v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp136v3 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp146v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp148v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp149v3 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp151v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp251v1 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp186v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp217v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp221v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp235v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp239v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp243v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp260v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp244v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp248v2 Value: 1705164460
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp261v1 Value: 1705164460
www.paladiny.ru/	1970-01-21 03:15:24	Name: _ac_oid Value: 52b222771b1042f618745d4bef00d73f%3A1705168060565
.paladiny.ru/	1970-01-21 02:25:00	Name: _ym_uid Value: 1705164461506857659
.paladiny.ru/	1970-01-21 02:25:00	Name: _ym_d Value: 1705164461
.mc.yandex.com/	1970-01-20 17:39:25	Name: sync_cookie_csrf Value: 3229040296fake
.utraff.com/	1970-01-20 18:22:47	Name: preutid Value: 1
.upravel.com/	1970-01-20 17:39:24	Name: session_tptc Value: 1705164460653
.yandex.com/	1970-01-21 03:15:24	Name: i Value: 1W/pXZiRPepzbdFIrwA/mzHtT9/YauBE8CQXtYkDP82hpBQal5uHxcUg9tt1KcxdkOGLqXa8DtviddXJ6olY+Zy7yYQ=
.yandex.com/	1970-01-21 02:25:00	Name: yandexuid Value: 3712337901705164460
.paladiny.ru/	1970-01-20 17:40:36	Name: _ym_isad Value: 2
.upravel.com/	1970-01-21 03:15:24	Name: user_id Value: 6bff403d-d9f8-4c38-b111-ff0ea11496ec
.mc.yandex.ru/	1970-01-20 17:39:25	Name: sync_cookie_csrf Value: 755342582fake
.mc.yandex.com/	1970-01-20 17:40:50	Name: sync_cookie_ok Value: synced
.acint.net/	1970-01-20 18:22:36	Name: cSyncDp14v4 Value: 1705164460
.ccsyncuuid.net/	1970-01-21 02:25:00	Name: jcsuuid Value: lpY8IC9RzZbjsF4Dnh53
.doubleclick.net/	1970-01-21 03:01:00	Name: IDE Value: AHWqTUkRrPqH1AQhm8xnVyt_Y-4gfJOYzTvidxQLvUdYadL65bwplmxdFj2z8JEV
.adhigh.net/	1970-01-21 02:25:00	Name: gi_u Value: u5OFywgnVlCN.AikABlGNA7jS7A
.yandex.ru/	1970-01-21 03:15:24	Name: yandexuid Value: 3712337901705164460
.yandex.ru/	1970-01-21 03:15:24	Name: yuidss Value: 3712337901705164460
.yandex.ru/	1970-01-21 03:15:24	Name: i Value: 1W/pXZiRPepzbdFIrwA/mzHtT9/YauBE8CQXtYkDP82hpBQal5uHxcUg9tt1KcxdkOGLqXa8DtviddXJ6olY+Zy7yYQ=
.yandex.ru/	1970-01-21 03:15:24	Name: yp Value: 1705250860.yu.4438438861705164460
.yandex.ru/	1970-01-21 02:25:00	Name: ymex Value: 1707756460.oyu.4438438861705164460
sync.adspend.space/	1970-01-21 02:25:00	Name: as-user Value: 149d19b8-aace-4dc7-85b2-61ba18b34ce0
.adhigh.net/	1970-01-21 02:25:00	Name: sape_sync Value: L7CJ
.yandex.com/	1970-01-21 02:25:00	Name: yuidss Value: 3712337901705164460
.yandex.com/	1970-01-21 02:25:00	Name: ymex Value: 1736700460.yrts.1705164460
.adnxs.com/	1970-01-20 19:49:00	Name: uuid2 Value: 2179214382047733082
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 484362091705164460
.rutarget.ru/	1970-01-20 21:58:36	Name: userId Value: 3-sQYS2dxpkz
.casalemedia.com/	1970-01-21 02:25:00	Name: CMID Value: ZaK.rL8n-ZkV2igyWqk5XQAA
.casalemedia.com/	1970-01-20 19:49:00	Name: CMPS Value: 2198
.casalemedia.com/	1970-01-20 19:49:00	Name: CMPRO Value: 2198
.adriver.ru/	1970-01-21 03:15:24	Name: cid Value: AkYqrQEuJdXD0PNhA7LvEYg
.doubleclick.net/	1970-01-20 21:58:36	Name: APC Value: AfxxVi78xPRARPtG9on7SQYDl6EwP7bvwRf8mcXivRBfPc-lUpPjPg
.uuidksinc.net/	1970-01-21 02:25:00	Name: jcsuuid Value: XWX5HS4nuNN8G8SeFbt8
ads.adlook.me/	1970-01-21 02:23:49	Name: adlm_userId Value: 498b4181b03440b098d9076fd86f491c
ads.adlook.me/	1970-01-21 03:15:24	Name: adlk_cmatch Value: sape%3A0100007FACBEA2653436EA04021A2749
.mts.ru/	1970-01-21 02:12:02	Name: dspid Value: e814d066-51a0-4c69-8205-3f4b8fb43dee
.ssp-rtb.sape.ru/	1970-01-21 03:15:24	Name: sspuid Value: CkIDEmWivqx/tQFBBGc8Aux4/3Vdxy3IR2Bdd2cxYZp9V7eS
.bidvol.com/	1970-01-21 03:15:24	Name: bvuid Value: rcgnxgii3m
.paladiny.ru/	1970-01-21 03:01:00	Name: __gads Value: ID=3ecf040ed97c9cba:T=1705164460:RT=1705164460:S=ALNI_MZDkOGo5E7i03e4U7LEKXLwkDOrvw
.paladiny.ru/	1970-01-21 03:01:00	Name: __gpi Value: UID=00000cf5f166e47e:T=1705164460:RT=1705164460:S=ALNI_MbJwv5Sg-WeaTFSq8ukLPHxTPhl0Q
.bumlam.com/	1970-01-21 03:15:24	Name: suuid3 Value: IiQ3NzY2MmI4YS1iMjMzLTExZWUtYmJiMS0wMDI1OTBjODI0MzY*
.aidata.io/	1970-01-21 03:15:24	Name: __upin Value: e3COkPdBqFhZTMuAUqAIcg
.aidata.io/	1970-01-21 03:15:24	Name: __upints Value: 1705164461
.doubleclick.net/	1970-01-20 18:22:36	Name: ar_debug Value: 1
.adnxs.com/	1970-01-21 03:15:24	Name: XANDR_PANID Value: LzyWCaqzQiclgT77Q3XA9sq7qOlGRGiMuP0Bu8UJYkwLWf1443c2aEDkbZAI6_MVEMNyz_eDcyVfm70GN7ywg16oUzqcVoJDA7LCdE04hy8.
.adnxs.com/	1970-01-20 19:49:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?`kD7#j!]tcR8i_iqf!oN/@E'zz<*Z0Qmmt]VBc(/_9KvpTrsG5vQekm1QJe@.N'S>?<QG=%9sk@3@'s>TGe7-3
x01.aidata.io/	1970-01-20 17:43:43	Name: livin Value: 1
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.ohmy.bid/	1970-01-20 18:22:36	Name: uid Value: 98989bd6-1fbd-4a9c-ae99-149f0e3e5df9.65a2bead.4d93a70ef7c8202f
.gonet-ads.com/	1970-01-21 02:26:26	Name: pid Value: NDU1Yjk5NGExNGIwMjhhOA
.agency2.ru/	1970-01-21 02:12:02	Name: uuid Value: 298e825c-6571-44a1-81cf-acc8dcc5218c
sync.programmatica.com/	1969-12-31 23:59:59	Name: chk Value: 1
.programmatica.com/	1970-01-21 03:15:24	Name: pid Value: NDczOWJmNGE4YWQwM2E3Nw
.betweendigital.com/	1970-01-21 02:25:00	Name: dc Value: was1
.betweendigital.com/	1970-01-21 02:25:00	Name: tuuid Value: 94f7e899-398b-530d-82e0-a089e7421e24
.betweendigital.com/	1970-01-21 02:25:00	Name: ss Value: 1
.mts.ru/	1970-01-21 03:15:24	Name: mts_id Value: a5041387-ec34-4c63-81fe-7600fe7ae65c
.mts.ru/	1970-01-21 03:15:24	Name: mts_id_last_sync Value: 1705164461
.insightexpressai.com/	1970-01-21 02:25:00	Name: DW Value: 00000000-0000-006e-7802-bc1705164461
.insightexpressai.com/	1970-01-21 02:25:00	Name: TID Value: 00000000-0000-006e-7802-bc1705164461
.insightexpressai.com/	1970-01-21 02:25:00	Name: DW_Time Value: 1705164461
.doubleclick.net/	1970-01-20 17:39:28	Name: DSID Value: NO_DATA
.betweendigital.com/	1970-01-21 02:25:00	Name: ut Value: ZaK-rQAGg_hGZQFWBiql3PfuewJ-8pMnjfa0iw==
kimberlite.io/	1970-01-20 19:49:00	Name: u Value: ZaK-rcprDqI~YBPjPX1BSrsmvj28lbDgl74jDzI
sync.dsp.solta.io/	1969-12-31 23:59:59	Name: chk Value: 1
.sbermarketing.ru/	1970-01-21 02:25:00	Name: dmpuid Value: MA2LUVykRuuPPBjcHcbUZw
.dsp.solta.io/	1970-01-21 03:15:24	Name: pid Value: NGJlM2NjMzhiMmZmODRlNg
.turn.com/	1970-01-20 21:58:36	Name: uid Value: 7748702068980944163
.quantserve.com/	1970-01-20 19:49:00	Name: d Value: EEABCQHyKoEA
.quantserve.com/	1970-01-21 03:09:38	Name: mc Value: 65a2bead-8b159-f936c-d09ab
.adx.com.ru/	1970-01-21 02:25:00	Name: user Value: 65a2beadd41e0600017d93a9
.e.dlx.addthis.com/	1970-01-21 03:09:38	Name: na_tc Value: Y
.dmg.digitaltarget.ru/	1970-01-21 03:15:24	Name: viuserid Value: AiCkr1gkkNKwKskFxXZQ
.addthis.com/	1970-01-21 03:09:38	Name: na_id Value: 2024011316474100018933205206
.addthis.com/	1970-01-21 03:09:38	Name: na_tc Value: Y
.addthis.com/	1970-01-21 03:09:38	Name: uid Value: 65a2beadf21177d6
.addthis.com/	1970-01-21 03:09:38	Name: ouid Value: 65a2bead0001025ca7ba07acfd5d8aab7c31e0d1feb248387d4c
.dlx.addthis.com/	1970-01-20 18:22:36	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 18:22:36	Name: na_sr Value: 20240113
.dlx.addthis.com/	1970-01-20 17:39:24	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 18:22:36	Name: na_sc_e Value: 0
.mail.ru/	1970-01-21 02:26:26	Name: VID Value: 0emsTl3OnVYM00001D2QbCYM:::0-0-0-abd176c-0:CAASEHlyKERcjsp4DJLekjot5zUaYPWbQ0qLbCRrsgQWGr0RhfjtnXhTr2oe3orKqFEn7LL6OReoov8TTT6EdayyN4ZX4zwa3GoTjY4mw5Bmchwf8voehqyrHeL4fyUJfI56ZwfYJxJI3mEtdmMTJZvjYwnDrA
.awin1.com/	1970-01-20 17:40:50	Name: awpv18295 Value: 137680\|1705164461\|77db6fd0-b233-11ee-8694-226555b1c0ac
.tribalfusion.com/	1970-01-20 19:49:00	Name: ANON_ID Value: aqntuJmMZaE8DXqwmMRTRfiKnJf0ErVJun0yvjQXqEZb4bYuRYZcZbYTVX6UeaO0LC47bthOmyXtdg3sf9gtDIQUJROn
.awin1.com/	1970-01-20 17:40:50	Name: awpv19803 Value: 137680\|1705164461\|77db96e0-b233-11ee-b3cc-2233d0695e79
.weborama.fr/	1970-01-21 03:05:19	Name: AFFICHE_W Value: w8C@k96DAj-D10
.awin1.com/	1970-01-20 17:40:50	Name: awpv19801 Value: 137680\|1705164461\|77dd4490-b233-11ee-a4ff-226608db104b
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 390844:3273948

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

77662b8a-b233-11ee-bbb1-002590c82436.n1.sync.bumlam.com
a.tribalfusion.com
a.utraff.com
acint.net
ad.doubleclick.net
ad.mail.ru
ad.turn.com
ad4m.at
ads.adlook.me
ads.betweendigital.com
adx.com.ru
an.yandex.ru
as.ad4m.at
assets.ad4m.at
cdn-rtb.sape.ru
cm.g.doubleclick.net
cms.quantserve.com
counter.rambler.ru
counter.yadro.ru
cs.agency2.ru
d4.c1.b4.a1.top.list.ru
dclk-match.dotomi.com
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dmp.sbermarketing.ru
dsum-sec.casalemedia.com
dwar.ru
e.dlx.addthis.com
ev.adriver.ru
exchange.buzzoola.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
kimberlite.io
kraken.rambler.ru
match.new-programmatic.com
match.ohmy.bid
mc.yandex.com
mc.yandex.ru
mts-dsp-sync.rutarget.ru
nr.bidderstack.com
onetag-sys.com
pagead2.googlesyndication.com
pix.bumlam.com
prod-rtb.ad4mat.net
px.adhigh.net
r.turn.com
redirect.frontend.weborama.fr
s.ccsyncuuid.net
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
sape-sync.rutarget.ru
secure.insightexpressai.com
sm.rtb.mts.ru
solta-sync.rutarget.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.afp.ai
ssp.bestssp.com
ssp.bidvol.com
static-de.ad4mat.net
sync.adkernel.com
sync.adspend.space
sync.bumlam.com
sync.dmp.otm-r.com
sync.dsp.solta.io
sync.gonet-ads.com
sync.programmatica.com
sync.rambler.ru
sync.teads.tv
sync.upravel.com
tag.digitaltarget.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
vma.mts.ru
w1.dwar.ru
w2.dwar.ru
www.acint.net
www.awin1.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.paladiny.ru
x01.aidata.io
104.18.36.155
138.201.192.161
142.250.184.198
142.250.185.226
142.250.185.98
146.185.148.189
167.235.117.42
167.235.9.235
178.170.192.140
178.170.196.247
178.22.89.12
185.12.127.130
185.15.175.134
185.40.31.213
185.98.54.153
188.120.241.47
188.42.105.220
188.93.63.157
193.232.150.46
193.3.184.137
193.3.184.211
195.201.198.232
195.201.57.28
195.209.108.58
2.16.97.41
2.23.197.190
2001:678:cb4:bbbb::11
213.87.44.187
217.199.220.44
217.65.2.150
217.66.147.36
217.66.147.41
23.111.107.44
23.197.149.186
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:4ab4
2606:4700::6812:18ad
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1148:db00::17
2a00:1450:4001:802::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a02:26f0:3500:58c::1ec4
2a02:6b8::1:119
2a02:6b8::90
2a02:fa8:8806:16::1370
31.172.81.158
31.172.81.172
35.190.24.218
37.18.110.198
37.230.131.22
37.252.171.85
45.139.25.120
5.189.234.227
51.89.9.251
65.109.65.188
77.245.57.72
78.140.242.69
81.19.89.17
81.19.89.18
81.222.128.216
83.222.117.90
83.222.96.170
88.212.202.52
89.108.119.28
91.192.150.36
94.130.221.58
94.228.127.171
95.163.52.67
96.46.186.61
070e94d6a0af14fc9fb82cf1c616b324c4cd508ec215667c80080663b06bdb0c
07bcf6f000a5d0e894101001323f067a0132fe8c065218e55a54b4c44b892632
082213dd11b283471559bdd96f0d8e4d3271e4cf891bb043ff40d1214425e306
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d4f42be14e9b694cd621a7a619326f761b282d2906e6261640063911fb0f394
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0e10f07e21bdc3acceb8b6163bc8d6f749147a15abde39f6d65f5eae72d4e404
0e5dd0968f7537aa57747c32f3a41751961bb82b27cee5d9562197c02db5324f
0f883456ac7a160704cba073537061e2cc7cacffb5367ec79e9823ac37a25441
10832e5bb99c670b86b3674ce3ff3982dc5819b970f36262ab117641835fea7f
11011bbf0d3cb26e0fceafca878f9b4c4f2e6f8c9c3a16ac3596bf728a9e13aa
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16a992224a960c618cc1c18e44a4b6301a665cad4039374421247a353bd9db75
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18863edc17d105efe80f3ca8d2833dcbac289e1de33d7bb2ecfb53a4a2136b11
1e97ec018a5a500f1b8046e66a18155ab2db29f2f63dad606a443b1196f83216
1eafbf64b60b4c39c967061c54b59050c5cc9b51c14a8276fe461722d0554917
1fb97f456dbe39ced7befd497425fcfa3eecdc38504fba0e353b47a490a56e97
20ff99e448fa1b08900e977609bd2a57537c99e7f190c1fc3549f778e1b5f879
213bb8cd33e8de49166a067eaa45fdd8b1649e3df576b4a1c43151e31c474fe4
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2597e70b3392039de3923e17b5291442716bda6577bb117516200a325df816d5
2611916f938882a3b2abbffb2ca0af48b22dbdb42bac519fe4c5962f7715ecdf
2628c42c75914f3e08cc1366ae5bef74bd5c6b495b9faf8474da652617b97b1d
2674eff5653596ce98f9bfa4b31830358d221df49b9dca5c7426b9589c8013e2
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2da56f9281cf0c312c3d54c1dd80b604274077a565de76026bcd3b77e41a3126
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f5895f20f4c9c3da14b56c49a3cd1c40152df4f61a6c2561d6ea3e069124ea2
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35879eb94bef73bd2fab40f0c3391c26d53844b67e7fd4a7c7ba9ef86fb96968
36d71a4322b43e8bc7f079e0e9ff676e97ac8af955332e30de9d513e0ca8b861
37881ae5efaa53b3231ecc5131134ffb7703e8c0f59fa5a1eb3ed70adc9a3473
3858dc61ea0064fe84c32ce3ff456b23152823741c54a39967d93a671b94d6dd
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3aa90d8d09735c63f9e98c0967198abaf7ae4a9b3d1d570c0dd22ea939312140
3cf42c364a720bd0e3c2e854a0ef3a437c926df98005b0a84b4c481234dfb7f9
3d1c7fa88b88d3f705e85a5e805eb6b3543a7e480b84cbaead60389c4bb70b4e
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3f21685ff824954078e67489f9dd25825c0ba002baff404ca61457288eb0061d
40880265c1ba50bcfa276d847b28d0fd3c1780da048e3b2299c6da193cd3c323
40ed9971456e7552b7bcc66b4a048f01579b9c058293947df3abf9e23ce7e34c
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4227347d816335bc568470d0c065ce379f906fca2214f5b210d6ac32f0f1cf81
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
4352e17e29cc43306f11c9e6d6e652a9bdad95b7469dea705d85d31a38089bf9
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
46612b2c33d8502a26bef927b364c85ba1bd5e8c9491bb9c369ec9d8900682ba
467da83dd32db97c82e624d9023508f35a223e803d50551c6aa8efe5600f44f9
487238b9c9c6d7ade7161ece3909d28315189cddd05644fd918b5b7dc40b0929
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4909f41909ddc2270c51040c1b2548c64696cb652fa9348221b3cf52c38df337
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0f1cb81072fca61fa7f3bd64686888ed3b58e76940dc878de87f4ae51f5c64
528da13c7f7aaa99ff1c71ef80f1a62b2075b8de903ef9c873d34532496ee13b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556f5f52b8aefd4caa5e44b22b6f5be1b9fa9a66cedd040244594ccbb3016479
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57d71b72317038d6bba7a8d12bbcf44969a75ac2da004911f803e1010ef5c79c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e740b4c722831d9a6451a42a01ca2541e1a0c2af5718703a89bc9823c16099a
5e7e0351e1cb404be993cebab8a673f07e7fc85486b3af80ab8afd9f546d7ec8
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
6400a39fde3f088e724fa23ed2713c7bddd7e040887f160a1f10879de799b07e
65e6bdf74cdc3f43bd2bccf48032070b14d306f543d57f7a9f9e04609c6803dd
664cd053448edad7c51b1a5e024c9ae8b9f727593d023864b99d9b909ed48c2c
6757a794295d7c879b85d298940e47ba17ba94d73399101b1eb90081f703783f
692050722f9a8d3f195948f6f6611f678ca177e029da1d1c3138fd04a2d19d05
6928d950213d68037a85890346f61be7cac1532a37a3ff788bb2c2bfc9aefe2b
6b9159f40e567f25875eea66a419bac05adb855287a6a5ea89db394abbc3c12e
6c7bd67d4e974ad78e9c8f024603ef0c1bd0ae2f5d8b1fe68e058be32a748bdc
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
715eb6848028b84fa69bd9f38a9e3a52876e36538b42082b94754536e0a720cc
74dcd398eafd7dbc3d07b76625839f63f464de97b26adca97ac30883cf79b0d9
74e51ad76a9c144a79ddce4488618495769b9c3af5b6ff4651315545850ae3a2
769bcb8ae106f95598a693f66f8798cf3b52047ab7b1b7ff53a9077d1564a711
77533c4f2b45519cfbaeac82d28c2c6ecb5e5106dedf6a45794f06c00051b5c2
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
810f042c00a2c0e83fca38177e28911f4e99e764c4db430245b0689999bc77dc
82676560cdf2c9827a00b38af54572e56364d04a110747eac49dd8218b67640a
82a243f1185d308e2b5425cb7870d71365d75c741f0bd146be301110ca1bb471
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c778ec8e53f897b7ed92b2e556a04229ffdcfc65a53c42d7fb2654d359c83b
878a1964e962f2a00955cd82ee91fae99e6a5b6dbf74f25e5bd126c5894bd291
8c1e06daa0635ddc986efacf5d8d75e0bd042630b25ff3ff89a016eea620d5fe
9136d411ae25e3b6095f96a4dd7a8e6e88d42af73d49bf7f447a53cf494913dc
93232429ae1d70118d0b38338faf80eeba8db47640252c3019d607950a753c03
9346f974182d74bbb8b7a74a5d6c063d11bdb08cf19f44a5347e2d10c91a86af
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c98d0d06e9875cb3b2b2550bd6bf077c4a30952e60d20e72ca59c6df4627d1a
9dc240032a0a2a32565c9cc1c021928d1f719cb912bb744a9b1b7625b1470ba1
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9f20d1e58609e8d73a77c16bf2ff3a53b87439cfd537dff3bd344c86b400d760
9f2c57e3715b87f2abe5a04e67385cacb2a05d59ab1199a9913e5cd808f32f3b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a13fa404297bf52896c2e3ddda49891e7f23c268d43a1cf04a03a2b02e32ad54
a392990f67e088b02fdae4d0b91e8ec209ac8dfc99891da4d67a362b15f0e343
a5ad4be07198ebf5e195932b487b9b56a49a958d935b7e22ff2f5bfc7c7f5459
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a746a7f9863af1b7b43f77aace35803ccdbf2d8a55d8cebc5ce93f7d4e2337df
a79e09c4cf3188b286ce479a96f6a58f8aca07a4e41095234352d18448e9516e
a8e6c953ef6e2baf479917190c1f06ef5ea55414630d6901d9b8291c7ed13521
a9545d5aaaffeaa1d0c5e92529a2e1b3ac276c1ab9f2201e5a4d6aecf31d662b
aad4d0b19ec249e3b35d8a085b29ed2e9b84388e511ea5dbb31df9e1d1a18ae6
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aba4852dfc7b5f2bafef02200c329f1cb1ae85786eb6c359efc8b05bc3b2e59f
ac2646f4de595bcabd0abe22a0a8b7ce22c9eb2d8c42c8fab6a0e53c80650878
ae1401ab4ddd9845a325bf809e93499c7d8bc0a52e8f032f206da67272aabcc0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b64eb2181cf8894c2e85c0c757bdcd346d6274fc3b2a8a450abc9717c571ac
b50c0d2bc812270e5dcb51f7116ef66cca497fe49b031ebd0d27fa999e2a2658
b6c3cc61662396e5e69e08cae9a8bf73a62ffe433545c0d1783a30ac5a761e6a
b8799aee68c4e47eaebfb86799362bd4dd73a199d661a0d6838d3e83cacbdec4
b92e859ef152d5b105783e68f25b3474b519bb44b5a3302a36e1faf6fd34463a
b9d3550ec6290d4577c10314a6b5580fd0e7415bc9e3ad3dc7d439621b3d2c37
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c341dc7b20778b50fc70347f302e9e3882e90c1a1ebfe4e0b5f350c529a0be5d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5da2474740f8762021661a2d791f5d348e1109d60b0b11c319bddb16d089836
c664d5978cf581aed82573b3aa67871eafed5cbab4a9fa2b606d24d0fb849aee
cce7b144e81773e7af9bfbf16d0e1bfe5807d31d071ad9b9c4135865f6d9d8dc
cec8daa3247004d679962186c0e4ab619a2e2e268be83a9f0e30a63941fed980
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfdbae1c302cf3e3cf68a0b9a049503fbec2165e1ee9b783bc67b7c4deb657c7
d054cf2d853d8cfffb80a129cb7789b16fc34b191f67d2483485f870e3a74f9c
d0aa2e0a9939fc986515da1a907b6f57b9928e8a7be97c1945a1d1d365ee5274
d251101f3039f702bd870b1e4ae92addc42f895f3f9699f0d1341aaed075c47f
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d4dc068700802f1a3ff3f640e249a537e3c10deefd2fd33fb614bc1c5f022f8c
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d73b448fffd21a709f9fc04cccee3f53f6e45050cfe82bb3a09204b4f94d0c35
d76a1715a5e2fd386a0fa2eeb08818d38eb8069a689f5e3d78b93f6dd8b0f060
d86f06fa78fa503f1cdf2c9de099f9e691871af0f4c05b10c2bc32399e4b8a48
d931d9fb6e720d56a94db044f0b42af45b96fb0c57706597c3d97a69b54c46f4
d9453129c16b0215069d80e4b526c0546b259fae8d615e1b3aa775a8d76bac57
d9a646084d08615946bbce7d4b06dfe8e6bed44733e42aaf03cd3e564a6a4b7c
da3aac110278116dac2ac2359465f8c511d12cee712ca74e828350e891c92846
de995f7235ae0eda88052417f972cf26f9fac1f36014c93a8bd67827b75107ea
df1c3706de99045e28932083d74815c3bc1330c57de9c861e5f4e5de88ae70e4
e21dd1f07b60c27a6658e8d07e62973b6efeb112eb512741d58fe5fa72a301d7
e2ed7d372b4df9b6132f8bc5ee9534994a37790e9f8612c89de3131ac0a3ee76
e343b922783a7d473723eddf5276b370eac4f61f63aa09b4e9c675818619a5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
edc4b27fb965d75c182c0353466b30696adb23bc9541df6e0e6ddda3692c2ad8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1533d88066cf986a9dd24c2ada9e9386cbdd29793e1448af235bac55a16dbb0
f16335f044269bc224734879f40d924500cd2867977275c6cf36efb28be66c16
f294a2d080c9e37dcf007f1f162abb501d38b76a3ecddef0d7f87d8e4de471fa
f330fc97f10232f374a69c767063a5c1128ee61ffbe7ce086350cb03e82622e9
f5e38d3fa62d4e16f6bc6b1253345f7a71402d9f3bcb78a341afb387c02e44ce
f930cf40c417e13546aac7229e5855de567565e4c2428bef6f7f9af21cb60d90
fc0b834cbf1da15b1db4164eb42b2378ad6e5539a20f9e946f63b3e2cd0c024d
fd4424b11c227abdf21fecb2be1ba5d1ce2ebbe9018378a40ea62c062401cf04
fd7bd8899129d916ffbfa0b67e14f6dde1fd46008f042ef00dfbd7dd99361511
fddee2b48f1822e49e4c1eb8d237ef5ad94d5ab8a9306643a024423aeb7012bc

www.paladiny.ru Open in urlscan Pro 146.185.148.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

273 Requests

57 %HTTPS

27 %IPv6

62 Domains

87 Subdomains

50 IPs

9 Countries

3089 kBTransfer

6290 kBSize

133 Cookies

28 Outgoing links

Page URL History

Redirected requests

273 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paladiny.ru Open in urlscan Pro
146.185.148.189 Public Scan

Screenshot
Live screenshot

Full Image

273
Requests

57 %
HTTPS

27 %
IPv6

62
Domains

87
Subdomains

50
IPs

9
Countries

3089 kB
Transfer

6290 kB
Size

133
Cookies

273 HTTP transactions
4 data transactions