ru.ntunhs.net Open in urlscan Pro
104.21.8.118 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ru.ntunhs.net/
Effective URL:
https://ru.ntunhs.net/IPInfo/RU/index.html
Submission: On October 18 via manual (October 18th 2021, 4:41:34 am UTC) from AU — Scanned from DE

Summary HTTP 42 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 42 HTTP transactions. The main IP is 104.21.8.118, located in and belongs to CLOUDFLARENET, US. The main domain is ru.ntunhs.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 21st 2021. Valid for: a year.

This is the only time ru.ntunhs.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 11	104.21.8.118 104.21.8.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	54.241.51.109 54.241.51.109	16509 (AMAZON-02) (AMAZON-02)
2 7	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
4	35.201.103.0 35.201.103.0	15169 (GOOGLE) (GOOGLE)
9	94.31.29.128 94.31.29.128	33438 (HIGHWINDS2) (HIGHWINDS2)
9	99.86.3.168 99.86.3.168	16509 (AMAZON-02) (AMAZON-02)
42	6

11 104.21.8.118 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ru.ntunhs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.ntunhs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.241.51.109 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-51-109.us-west-1.compute.amazonaws.com

bdv.bidvertiser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 173.192.101.24 (Dallas, United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

p93920.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mybetterdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.103.0 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 0.103.201.35.bc.googleusercontent.com

www.greatdexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 94.31.29.128 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net

p93920.mycdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 99.86.3.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-168.fra6.r.cloudfront.net

d2b9l3u54v5v39.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	ntunhs.net 3 redirects ru.ntunhs.net tracker.ntunhs.net	88 KB
9	cloudfront.net d2b9l3u54v5v39.cloudfront.net	11 KB
9	mycdn.co p93920.mycdn.co	126 KB
7	bidvertiser.com bdv.bidvertiser.com	44 KB
5	mybetterdl.com mybetterdl.com	66 KB
4	greatdexchange.com www.greatdexchange.com	2 KB
2	clksite.com 2 redirects p93920.clksite.com clksite.com	223 B
42	7

	Domain	Requested by
10	ru.ntunhs.net	3 redirects ru.ntunhs.net
9	d2b9l3u54v5v39.cloudfront.net	bdv.bidvertiser.com
9	p93920.mycdn.co	p93920.clksite.com p93920.mycdn.co clksite.com ru.ntunhs.net
7	bdv.bidvertiser.com	ru.ntunhs.net bdv.bidvertiser.com
5	mybetterdl.com	ru.ntunhs.net p93920.mycdn.co
4	www.greatdexchange.com	ru.ntunhs.net www.greatdexchange.com
1	clksite.com	1 redirects
1	p93920.clksite.com	1 redirects
1	tracker.ntunhs.net	ru.ntunhs.net
42	9

This site contains links to these domains. Also see Links.

Domain
www.ntunhs.net
search.derekr.com
www.intango.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-21` - `2022-06-20`	a year	crt.sh
*.bidvertiser.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-25` - `2021-11-30`	2 years	crt.sh
*.mybetterdl.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-26` - `2022-04-26`	a year	crt.sh
greatdexchange.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-18` - `2022-02-18`	a year	crt.sh
*.mycdn.co Sectigo RSA Domain Validation Secure Server CA	`2021-10-13` - `2022-10-22`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://ru.ntunhs.net/IPInfo/RU/index.html
Frame ID: 7D771F449E35630CC5E35CFF6F3CBA3C
Requests: 21 HTTP requests in this frame

Frame: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=2670049179878&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=2670049179878&js1loc=-&loctitle=%20DNS
Frame ID: 3138E0828B72453D8AB330CC7678B123
Requests: 4 HTTP requests in this frame

Frame: https://www.greatdexchange.com/ad/display.php?stamat=m%257C%252Cs4ifzYjLqB1dAN0dEdHP3xP.378%252CZMkKdRAQlkuDbgTABrav5NV1jv5Au773xff4FW3Vpntds3Lpn9WSxACUKDKkv83Ib3z7veiac8sleekPQRDmIUFcGtz6lq_CgoVQHinZwzo%252C&cbur=0.996283018123459&cbtitle=%D0%92%D1%81%D0%B5%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%B8&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=%D0%9F%D0%BE%D0%BB%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B0%D0%B7%D0%B0%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%BF%D0%BE%20IP%2FDN%2FWhois%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0.&cbkeywords=%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%2C%20Whois%2C%20DNS%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%2C%20IP%2C%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B8%D0%BC%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20Whois%20IP%2C%20IP%20%2F%20Domain%2C%20%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B8%D0%BC%D1%8F%2C%20IP-%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%2C%20%D0%BE%D1%82%D1%81%D0%BB%D0%B5%D0%B6%D0%B8%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%B8%D1%82%D1%8C%20IP%2C%20IP%20%D0%B4%D0%BB%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%2C%20IP%2C&cbref=
Frame ID: EDDCA4C72F09BEDA99CCE6D5FB8A637E
Requests: 1 HTTP requests in this frame

Frame: https://www.greatdexchange.com/ad/display.php?stamat=m%257C%252Cs4ifzYjLqB1dAN0dEdHP3xP.378%252CZMkKdRAQlkuDbgTABrav5NV1jv5Au773xff4FW3Vpntds3Lpn9WSxACUKDKkv83Ib3z7veiac8sleekPQRDmIUFcGtz6lq_CgoVQHinZwzo%252C&cbur=0.5913436076755838&cbtitle=%D0%92%D1%81%D0%B5%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%B8&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=%D0%9F%D0%BE%D0%BB%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B0%D0%B7%D0%B0%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%BF%D0%BE%20IP%2FDN%2FWhois%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0.&cbkeywords=%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%2C%20Whois%2C%20DNS%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%2C%20IP%2C%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B8%D0%BC%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20Whois%20IP%2C%20IP%20%2F%20Domain%2C%20%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B8%D0%BC%D1%8F%2C%20IP-%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%2C%20%D0%BE%D1%82%D1%81%D0%BB%D0%B5%D0%B6%D0%B8%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%B8%D1%82%D1%8C%20IP%2C%20IP%20%D0%B4%D0%BB%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%2C%20IP%2C&cbref=
Frame ID: A5A2991E7BADCAF397FC8F0AA937E929
Requests: 1 HTTP requests in this frame

Frame: https://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: 7AD863B64A8802435B7014031BE72E92
Requests: 2 HTTP requests in this frame

Frame: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=036197206189&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=036197206189&js1loc=-&loctitle=%20DNS
Frame ID: 5D510DD94D9363DEDE05A6ACBA68B62C
Requests: 4 HTTP requests in this frame

Frame: https://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: CDF1C485E0D1D99BD56F2E68FCFAD45F
Requests: 2 HTTP requests in this frame

Frame: https://www.greatdexchange.com/ad/display.php?stamat=m%257C%252Cs4ifzYjLqB1dAN0dEdHP3xP.378%252CZMkKdRAQlkuDbgTABrav5NV1jv5Au773xff4FW3Vpntds3Lpn9WSxACUKDKkv83Ib3z7veiac8sleekPQRDmIUFcGtz6lq_CgoVQHinZwzo%252C&cbur=0.05373609348537567&cbtitle=%D0%92%D1%81%D0%B5%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%B8&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=%D0%9F%D0%BE%D0%BB%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B0%D0%B7%D0%B0%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%BF%D0%BE%20IP%2FDN%2FWhois%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0.&cbkeywords=%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%2C%20Whois%2C%20DNS%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%2C%20IP%2C%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B8%D0%BC%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20Whois%20IP%2C%20IP%20%2F%20Domain%2C%20%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B8%D0%BC%D1%8F%2C%20IP-%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%2C%20%D0%BE%D1%82%D1%81%D0%BB%D0%B5%D0%B6%D0%B8%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%B8%D1%82%D1%8C%20IP%2C%20IP%20%D0%B4%D0%BB%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%2C%20IP%2C&cbref=
Frame ID: DA18A2ED449D098EECAD849CB4043A36
Requests: 1 HTTP requests in this frame

Frame: https://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: C06BDDF9ABFEA15AFD2CCA4F33CCD30F
Requests: 2 HTTP requests in this frame

Frame: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=7688940008387&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=7688940008387&js1loc=-&loctitle=%20DNS
Frame ID: B96633142760FCD507DB3D04406E7C66
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Все IP-адреса информации

Page URL History Show full URLs

http://ru.ntunhs.net/ HTTP 301
https://ru.ntunhs.net/ HTTP 301
http://ru.ntunhs.net/IPInfo/RU/index.html HTTP 301
https://ru.ntunhs.net/IPInfo/RU/index.html Page URL

Detected technologies

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Page Statistics

42
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

6
IPs

3
Countries

337 kB
Transfer

635 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ntunhs.net/lang/RU/index-1.html
Title: Главная страница

Search URL Search Domain Scan URL

URL: https://www.ntunhs.net/lang/RU/index-2.html
Title: О нас

Search URL Search Domain Scan URL

URL: https://www.ntunhs.net/lang/RU/index-3.html
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.ntunhs.net/lang/RU/index-4.html
Title: Ссылки

Search URL Search Domain Scan URL

URL: https://search.derekr.com/

Search URL Search Domain Scan URL

URL: http://www.intango.com/adinfo/
Title: Page

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ru.ntunhs.net/ HTTP 301
https://ru.ntunhs.net/ HTTP 301
http://ru.ntunhs.net/IPInfo/RU/index.html HTTP 301
https://ru.ntunhs.net/IPInfo/RU/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://p93920.clksite.com/adServe/banners?tid=93920_153711_0 HTTP 301
https://mybetterdl.com/adServe/banners?tid=93920_153711_0

Request Chain 11

https://clksite.com/adServe/banners?tid=93920_153711_2&pause=5 HTTP 301
https://mybetterdl.com/adServe/banners?tid=93920_153711_2&pause=5

42 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response ru.ntunhs.net/IPInfo/RU/ Redirect Chain http://ru.ntunhs.net/ https://ru.ntunhs.net/ http://ru.ntunhs.net/IPInfo/RU/index.html https://ru.ntunhs.net/IPInfo/RU/index.html	23 KB 4 KB	393ms 392ms	Document text/html	104.21.8.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ru.ntunhs.net/IPInfo/RU/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.8.118 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8c7153c21017d67726c618f3c5ec108f6b7b50402114a6e720f1d57b6760a6ea` Request headers :method GET :authority ru.ntunhs.net :scheme https :path /IPInfo/RU/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Mon, 18 Oct 2021 04:41:27 GMT content-type text/html; charset=utf-8 x-mod-pagespeed 1.13.35.2-0 vary Accept-Encoding cache-control max-age=0, no-cache, s-maxage=10 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBYZhSeySXgfEMHE%2FEC9qv0uNz3FqDZIJhPDgwFmjsiIxkBZZYV1%2BqXBkYpGIzueniAzDMD1fiQZzrSwgbyrPOJIzCoSVVTZc30T8cLnvdw4HymfZUUHMpc9Yr6cHBUP"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 69ff182a0e8f1f15-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers Date Mon, 18 Oct 2021 04:41:27 GMT Transfer-Encoding chunked Connection keep-alive Cache-Control max-age=3600 Expires Mon, 18 Oct 2021 05:41:27 GMT Location https://ru.ntunhs.net/IPInfo/RU/index.html Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9FKgLIUptEy2YHLeTOX5FlmOxND0p18AdhEyPoslqbcDjiGpOSAz2LxWqcXWqc6es5zR6FR3g06%2BVdLifVlSLsi%2FhXdgQI0Z1%2B0Va0INJIcOQ%2FmNpKzzvHgNWbBDIHE"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary Accept-Encoding Server cloudflare CF-RAY 69ff1829fdb45bf1-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	502	style.css ru.ntunhs.net/js/	0 0	18ms 17ms	Stylesheet text/html	104.21.8.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ru.ntunhs.net/js/style.css Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.118 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software nginx / Resource Hash Request headers :path /js/style.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority ru.ntunhs.net referer https://ru.ntunhs.net/IPInfo/RU/index.html :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/IPInfo/RU/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:27 GMT server nginx cf-ray 69ff182c9c373250-FRA content-length 557 content-type text/html
GET H3	200	tracker.js+lang_RU.js.pagespeed.jc.kvWJB3FETB.js Show response ru.ntunhs.net/js/	2 KB 1 KB	17ms 16ms	Script application/javascript	104.21.8.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ru.ntunhs.net/js/tracker.js+lang_RU.js.pagespeed.jc.kvWJB3FETB.js Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.118 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6bd571bcd252d149f9e9beabc2ef1d4d422261568227ba582f44292ff2ae90ce` Request headers :path /js/tracker.js+lang_RU.js.pagespeed.jc.kvWJB3FETB.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority ru.ntunhs.net referer https://ru.ntunhs.net/IPInfo/RU/index.html :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/IPInfo/RU/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:27 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT x-original-content-length 1881 age 15317573 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Fri, 23 Apr 2021 21:31:57 GMT server cloudflare etag W/"0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23Rj3QGPCYYkEG2zpWoEXaw4JDcdd189DD1yAWauaGJarVsklnsvYciTIDlMg1KKMlrldtwE%2FIuDTNYxTLLPvI9NNO1EhAIQIyCSGCUFlAW%2Bs6NUrlgJrSf19marPxNZ"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 69ff182c9c3a3250-FRA expires Sat, 23 Apr 2022 21:31:57 GMT
GET H3	200	ximg05.jpg.pagespeed.ic.8pXTJFAsMm.webp ru.ntunhs.net/images/	49 KB 50 KB	19ms 18ms	Image image/webp	104.21.8.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ru.ntunhs.net/images/ximg05.jpg.pagespeed.ic.8pXTJFAsMm.webp Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.118 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fe08d8b9b5cce12bc7d204500e5665add3225795e02b445c0cdaf6fe6be42c21` Request headers :path /images/ximg05.jpg.pagespeed.ic.8pXTJFAsMm.webp pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority ru.ntunhs.net referer https://ru.ntunhs.net/IPInfo/RU/index.html :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/IPInfo/RU/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:27 GMT vary Accept-Encoding cf-cache-status HIT x-original-content-length 107856 age 7509454 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 50220 last-modified Fri, 23 Jul 2021 06:43:31 GMT server cloudflare etag W/"0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKGkJ%2Fc8UNFf6zKgphvYc3QrpCVqzGh%2FUvXIDG7QgA1tvAjhX%2FUfcjWKy8jqHaoCvOUPva48t1Hu2GV90BxWjw%2BALApX0OdAyB28Vp6NXHt1i3g6zIhLwLuPTT0kK847"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=31536000 accept-ranges bytes cf-ray 69ff182cbc543250-FRA link <http://ru.ntunhs.net/images/img05.jpg>; rel="canonical" expires Sat, 23 Jul 2022 06:43:31 GMT
GET H3	200	ad3_RU.js+ad3A_RU.js+ad3A_RU.js+ad3A_RU.js+tail1.js.pagespeed.jc.9_AWOzWoIZ.js Show response ru.ntunhs.net/js/	4 KB 1 KB	18ms 17ms	Script application/javascript	104.21.8.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ru.ntunhs.net/js/ad3_RU.js+ad3A_RU.js+ad3A_RU.js+ad3A_RU.js+tail1.js.pagespeed.jc.9_AWOzWoIZ.js Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.118 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3a257ffb6391ef9c492fe022364405c5813658006ff09118b2e6f0ae332f76b0` Request headers :path /js/ad3_RU.js+ad3A_RU.js+ad3A_RU.js+ad3A_RU.js+tail1.js.pagespeed.jc.9_AWOzWoIZ.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority ru.ntunhs.net referer https://ru.ntunhs.net/IPInfo/RU/index.html :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/IPInfo/RU/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:27 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT x-original-content-length 5119 age 15317573 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Fri, 23 Apr 2021 21:31:57 GMT server cloudflare etag W/"0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPCEDrQvYLMlrkTH2YekAb5ivJks%2FvJqLxUJ56%2Fw8%2BYymDO9SwRrHO5gn%2FTAwpZd6uRu3%2BVX2i%2F1moClmlTADqqsb9tZuMK%2Fcg%2BB0UBXOOplUVXSQ38mHazzf9VhkjDu"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 69ff182cbc533250-FRA expires Sat, 23 Apr 2022 21:31:57 GMT
GET H2	200	keep.cgi tracker.ntunhs.net/cgi-bin/	0 311 B	532ms 520ms	Image text/html	104.21.8.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tracker.ntunhs.net/cgi-bin/keep.cgi?User=whois&Page=1&JS=Y&SW=1600&SH=1200&SD=24&LO=&FWD=-- Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.8.118 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:28 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgbOCRK8AXXzkWUjYkyLRAKaJplEujKjKvdqyK1DDCIxv%2BS99q610tDTniIpL7r3vgleQQ4jonDh273hu3XvwL2OAdCuTlWkFGOMsJ5tUQe4pH6sdDHn68HZiLAm2OeerqFuueI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=0, no-cache, s-maxage=10 x-mod-pagespeed 1.13.35.2-0 cf-ray 69ff182cc8af1f15-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	BidVertiser.dbm Show response bdv.bidvertiser.com/	9 KB 9 KB	666ms 164ms	Script text/javascript	54.241.51.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228 Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-241-51-109.us-west-1.compute.amazonaws.com Software / Resource Hash `0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539` Request headers Referer https://ru.ntunhs.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Pragma no-cache Expires -1 Cache-Control no-store Connection close Content-Length 9014 Content-Type text/javascript
GET H2	200	banners Show response mybetterdl.com/adServe/ Redirect Chain https://p93920.clksite.com/adServe/banners?tid=93920_153711_0 https://mybetterdl.com/adServe/banners?tid=93920_153711_0	80 KB 31 KB	392ms 135ms	Script text/javascript	173.192.101.24 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://mybetterdl.com/adServe/banners?tid=93920_153711_0 Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US), Reverse DNS 18.65.c0ad.ip4.static.sl-reverse.com Software nginx / Resource Hash `070dfbd9cf93117d3f74eae6bd1c3d4d919b85f8d009379cf501acc76f8a5b69` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Mon, 18 Oct 2021 04:41:28 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control no-cache expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://mybetterdl.com/adServe/banners?tid=93920_153711_0 date Mon, 18 Oct 2021 04:41:28 GMT server nginx content-length 162 content-type text/html
GET H2	200	display.php Show response www.greatdexchange.com/a/	6 KB 2 KB	156ms 122ms	Script application/javascript	35.201.103.0 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.greatdexchange.com/a/display.php?r=1079261 Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.103.0 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 0.103.201.35.bc.googleusercontent.com Software openresty / Resource Hash `95c4c10177875770be61569c104a83900a32c329f70eb49cf134aa555e283342` Request headers Referer https://ru.ntunhs.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers access-control-allow-origin * date Mon, 18 Oct 2021 04:41:27 GMT content-encoding gzip server openresty alt-svc clear via 1.1 google content-type application/javascript; charset=utf-8
GET H/1.1	200 OK	bidvertiser.dbm Show response bdv.bidvertiser.com/	0 328 B	506ms 172ms	Script text/javascript	54.241.51.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bdv.bidvertiser.com/bidvertiser.dbm?pid=556857&bid=1397228&RD=6907875889356&DIF=2 Requested by Host: bdv.bidvertiser.com URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-241-51-109.us-west-1.compute.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Len 0 Date Monday, 18-Oct-2021 04:41:28 GMT Cache-Control no-store Last-Modified Sunday, 18-Oct-2020 04:41:28 GMT CONNECTION Close P3P policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC" Content-Type text/javascript; charset=utf-8
GET H/1.1	200 OK	Cookie set BidVertiser.dbm Show response bdv.bidvertiser.com/ Frame 3138	5 KB 6 KB	497ms 168ms	Document text/html	54.241.51.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=2670049179878&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=2670049179878&js1loc=-&loctitle=%20DNS Requested by Host: bdv.bidvertiser.com URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-241-51-109.us-west-1.compute.amazonaws.com Software / Resource Hash `5e499ce02abc2f96ca3916433dcf9ac38c278758bb400d88a7f313c90dbfc6b1` Request headers Host bdv.bidvertiser.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ru.ntunhs.net/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ Response headers Date Monday, 18-Oct-2021 04:41:28 GMT Cache-Control no-store Last-Modified Sunday, 18-Oct-2020 04:41:28 GMT Set-Cookie bdv_c10p=369; domain=.bidvertiser.com; path=/; expires=Tue, 19-Oct-2021 04:41:28 GMT bdv_c10p=1_1_1; domain=.bidvertiser.com; path=/; expires=Tue, 19-Oct-2021 04:41:28 GMT P3P policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC" Content-Type text/html; charset=utf-8 Content-Len 5319 CONNECTION Close
GET H/1.1	200 OK	BidVertiser.dbm Show response bdv.bidvertiser.com/	9 KB 9 KB	495ms 164ms	Script text/javascript	54.241.51.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228 Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-241-51-109.us-west-1.compute.amazonaws.com Software / Resource Hash `0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Expires -1 Cache-Control no-store Connection close Content-Length 9014 Content-Type text/javascript
GET H2	200	banners Show response mybetterdl.com/adServe/ Redirect Chain https://clksite.com/adServe/banners?tid=93920_153711_2&pause=5 https://mybetterdl.com/adServe/banners?tid=93920_153711_2&pause=5	79 KB 31 KB	134ms 134ms	Script text/javascript	173.192.101.24 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://mybetterdl.com/adServe/banners?tid=93920_153711_2&pause=5 Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US), Reverse DNS 18.65.c0ad.ip4.static.sl-reverse.com Software nginx / Resource Hash `55f244b1f33bf7a4dc2d08d9a81ca8ed28e4eb9faf722a1f8c819d5ceb87a602` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Mon, 18 Oct 2021 04:41:29 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control no-cache expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://mybetterdl.com/adServe/banners?tid=93920_153711_2&pause=5 date Mon, 18 Oct 2021 04:41:28 GMT server nginx content-length 162 content-type text/html
GET H2	204	display.php www.greatdexchange.com/ad/ Frame EDDC	0 0	129ms 129ms	Document text/plain	35.201.103.0 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.greatdexchange.com/ad/display.php?stamat=m%257C%252Cs4ifzYjLqB1dAN0dEdHP3xP.378%252CZMkKdRAQlkuDbgTABrav5NV1jv5Au773xff4FW3Vpntds3Lpn9WSxACUKDKkv83Ib3z7veiac8sleekPQRDmIUFcGtz6lq_CgoVQHinZwzo%252C&cbur=0.996283018123459&cbtitle=%D0%92%D1%81%D0%B5%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%B8&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=%D0%9F%D0%BE%D0%BB%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B0%D0%B7%D0%B0%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%BF%D0%BE%20IP%2FDN%2FWhois%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0.&cbkeywords=%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%2C%20Whois%2C%20DNS%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%2C%20IP%2C%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B8%D0%BC%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20Whois%20IP%2C%20IP%20%2F%20Domain%2C%20%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B8%D0%BC%D1%8F%2C%20IP-%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%2C%20%D0%BE%D1%82%D1%81%D0%BB%D0%B5%D0%B6%D0%B8%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%B8%D1%82%D1%8C%20IP%2C%20IP%20%D0%B4%D0%BB%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%2C%20IP%2C&cbref= Requested by Host: www.greatdexchange.com URL: https://www.greatdexchange.com/a/display.php?r=1079261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.103.0 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 0.103.201.35.bc.googleusercontent.com Software openresty / Resource Hash Request headers :method GET :authority www.greatdexchange.com :scheme https :path /ad/display.php?stamat=m%257C%252Cs4ifzYjLqB1dAN0dEdHP3xP.378%252CZMkKdRAQlkuDbgTABrav5NV1jv5Au773xff4FW3Vpntds3Lpn9WSxACUKDKkv83Ib3z7veiac8sleekPQRDmIUFcGtz6lq_CgoVQHinZwzo%252C&cbur=0.996283018123459&cbtitle=%D0%92%D1%81%D0%B5%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%B8&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=%D0%9F%D0%BE%D0%BB%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B0%D0%B7%D0%B0%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%BF%D0%BE%20IP%2FDN%2FWhois%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0.&cbkeywords=%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%2C%20Whois%2C%20DNS%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%2C%20IP%2C%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B8%D0%BC%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20Whois%20IP%2C%20IP%20%2F%20Domain%2C%20%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B8%D0%BC%D1%8F%2C%20IP-%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%2C%20%D0%BE%D1%82%D1%81%D0%BB%D0%B5%D0%B6%D0%B8%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%B8%D1%82%D1%8C%20IP%2C%20IP%20%D0%B4%D0%BB%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%2C%20IP%2C&cbref= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ru.ntunhs.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ Response headers server openresty date Mon, 18 Oct 2021 04:41:28 GMT access-control-allow-origin * via 1.1 google alt-svc clear
GET H2	200	ui_tag_80.2-1.js Show response p93920.mycdn.co/banners/script/	176 KB 53 KB	40ms 5ms	Script application/javascript	94.31.29.128 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js Requested by Host: p93920.clksite.com URL: https://p93920.clksite.com/adServe/banners?tid=93920_153711_0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US), Reverse DNS 94.31.29.128.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash `8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:28 GMT content-encoding gzip last-modified Mon, 24 Jun 2019 11:33:16 GMT server NetDNA-cache/2.2 etag W/"5d10b4fc-2c04a" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31104000 expires Thu, 13 Oct 2022 04:41:28 GMT
GET H2	204	display.php www.greatdexchange.com/ad/ Frame A5A2	0 0	130ms 130ms	Document text/plain	35.201.103.0 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.greatdexchange.com/ad/display.php?stamat=m%257C%252Cs4ifzYjLqB1dAN0dEdHP3xP.378%252CZMkKdRAQlkuDbgTABrav5NV1jv5Au773xff4FW3Vpntds3Lpn9WSxACUKDKkv83Ib3z7veiac8sleekPQRDmIUFcGtz6lq_CgoVQHinZwzo%252C&cbur=0.5913436076755838&cbtitle=%D0%92%D1%81%D0%B5%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%B8&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=%D0%9F%D0%BE%D0%BB%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B0%D0%B7%D0%B0%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%BF%D0%BE%20IP%2FDN%2FWhois%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0.&cbkeywords=%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%2C%20Whois%2C%20DNS%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%2C%20IP%2C%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B8%D0%BC%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20Whois%20IP%2C%20IP%20%2F%20Domain%2C%20%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B8%D0%BC%D1%8F%2C%20IP-%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%2C%20%D0%BE%D1%82%D1%81%D0%BB%D0%B5%D0%B6%D0%B8%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%B8%D1%82%D1%8C%20IP%2C%20IP%20%D0%B4%D0%BB%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%2C%20IP%2C&cbref= Requested by Host: www.greatdexchange.com URL: https://www.greatdexchange.com/a/display.php?r=1079261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.103.0 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 0.103.201.35.bc.googleusercontent.com Software openresty / Resource Hash Request headers :method GET :authority www.greatdexchange.com :scheme https :path /ad/display.php?stamat=m%257C%252Cs4ifzYjLqB1dAN0dEdHP3xP.378%252CZMkKdRAQlkuDbgTABrav5NV1jv5Au773xff4FW3Vpntds3Lpn9WSxACUKDKkv83Ib3z7veiac8sleekPQRDmIUFcGtz6lq_CgoVQHinZwzo%252C&cbur=0.5913436076755838&cbtitle=%D0%92%D1%81%D0%B5%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%B8&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=%D0%9F%D0%BE%D0%BB%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B0%D0%B7%D0%B0%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%BF%D0%BE%20IP%2FDN%2FWhois%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0.&cbkeywords=%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%2C%20Whois%2C%20DNS%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%2C%20IP%2C%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B8%D0%BC%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20Whois%20IP%2C%20IP%20%2F%20Domain%2C%20%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B8%D0%BC%D1%8F%2C%20IP-%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%2C%20%D0%BE%D1%82%D1%81%D0%BB%D0%B5%D0%B6%D0%B8%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%B8%D1%82%D1%8C%20IP%2C%20IP%20%D0%B4%D0%BB%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%2C%20IP%2C&cbref= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ru.ntunhs.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ Response headers server openresty date Mon, 18 Oct 2021 04:41:29 GMT access-control-allow-origin * via 1.1 google alt-svc clear
GET H/1.1	200 OK	BidVertiser.dbm Show response bdv.bidvertiser.com/	9 KB 9 KB	724ms 165ms	Script text/javascript	54.241.51.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228 Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-241-51-109.us-west-1.compute.amazonaws.com Software / Resource Hash `0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Expires -1 Cache-Control no-store Connection close Content-Length 9014 Content-Type text/javascript
GET H2	200	default.css d2b9l3u54v5v39.cloudfront.net/css/ Frame 3138	1 KB 1 KB	34ms 7ms	Stylesheet text/css	99.86.3.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2b9l3u54v5v39.cloudfront.net/css/default.css Requested by Host: bdv.bidvertiser.com URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=2670049179878&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=2670049179878&js1loc=-&loctitle=%20DNS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.168 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-168.fra6.r.cloudfront.net Software Microsoft-IIS/10.0 / Resource Hash `27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bdv.bidvertiser.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 17 Oct 2021 20:30:13 GMT content-encoding gzip last-modified Mon, 21 Sep 2015 08:25:40 GMT server Microsoft-IIS/10.0 age 30301 etag "70d0ec1947f4d01:0" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 682 x-amz-cf-id Ca8WVhuN7PvYhq45woyXd9uaa8CwGx4-caLlP5zQBQyBwtD7brBCng==
GET H2	200	278x334.css d2b9l3u54v5v39.cloudfront.net/css/ Frame 3138	3 KB 1 KB	34ms 7ms	Stylesheet text/css	99.86.3.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2b9l3u54v5v39.cloudfront.net/css/278x334.css?cbst=2 Requested by Host: bdv.bidvertiser.com URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=2670049179878&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=2670049179878&js1loc=-&loctitle=%20DNS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.168 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-168.fra6.r.cloudfront.net Software Microsoft-IIS/10.0 / Resource Hash `fe8bfa9fa17ceceaa5409472f51d712185ac0442c84747df85af7b7b68e4ea0d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bdv.bidvertiser.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 03:30:51 GMT content-encoding gzip last-modified Thu, 18 Jan 2018 16:21:03 GMT server Microsoft-IIS/10.0 age 4238 etag "e29fe0557890d31:0" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 921 x-amz-cf-id k1nBaLP9LlwV3oNs6vJckMFuy5hNHYAULW4qIzQd4UEezY3kK-zHWA==
GET H2	200	bdv_fsthd.js Show response d2b9l3u54v5v39.cloudfront.net/activejs/ Frame 3138	1 KB 1 KB	35ms 8ms	Script application/javascript	99.86.3.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js Requested by Host: bdv.bidvertiser.com URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=2670049179878&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=2670049179878&js1loc=-&loctitle=%20DNS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.168 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-168.fra6.r.cloudfront.net Software Microsoft-IIS/10.0 / Resource Hash `871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bdv.bidvertiser.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 00:54:47 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Thu, 14 Jan 2021 11:27:17 GMT server Microsoft-IIS/10.0 age 13866 etag "977ef3668ead61:0" x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 1199 x-amz-cf-id yujcVfnPJTcmo-mx20ML9W2fg7C8oeBwkw3sv1J8D1o-D9v5dy0uhw==
GET H2	200	it-ui-comp-17.css p93920.mycdn.co/uicomp/styles/dist/80.2-1/	23 KB 5 KB	6ms 6ms	Stylesheet text/css	94.31.29.128 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-17.css Requested by Host: p93920.mycdn.co URL: https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US), Reverse DNS 94.31.29.128.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash `2e43a4dba40cfdbd5a628c6b10c4f53fff5c8b04e1b838eddb1d710dc165c002` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:29 GMT content-encoding gzip last-modified Mon, 24 Jun 2019 11:33:23 GMT server NetDNA-cache/2.2 etag W/"5d10b503-5df7" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31104000 expires Thu, 13 Oct 2022 04:41:29 GMT
GET H2	200	findBanner Show response mybetterdl.com/adServe/banners/	1 KB 2 KB	131ms 130ms	Script text/javascript	173.192.101.24 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://mybetterdl.com/adServe/banners/findBanner?num=1&keyword=%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%2C%20Whois%2C%20DNS%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%2C%20IP%2C%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF&tid=93920_153711_0&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp93920.mycdn.co&bs=17&referrer=https%3A%2F%2Fru.ntunhs.net%2FIPInfo%2FRU%2Findex.html&ap=cmp%3DBANNER%26evp%3Dw_Wj54-Mm6RB_AzGGnYx2mN_t7FXYY8WBtEpR8IILgOYizjZaBLQ0gAwEm_TlN-GZZJCxAdeOqU%26sjv%3D132.1%26ctid%3D0%26th%3D1200%26tw%3D1600%26inco%3D0%26tip%3D%25D0%2592%25D1%2581%25D0%25B5%2520IP-%25D0%25B0%25D0%25B4%25D1%2580%25D0%25B5%25D1%2581%25D0%25B0%2520%25D0%25B8%25D0%25BD%25D1%2584%25D0%25BE%25D1%2580%25D0%25BC%25D0%25B0%25D1%2586%25D0%25B8%25D0%25B8&pid=93920&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0wJmk9MCZvPTAmc29fZmI9LTEmc29fZ289LTEmc29fZ3A9LTEmc29fdHc9LTEmc3A9MDAwMDAwMDAwMDEwMDAwMDAwMDAwMDAmbW1fbW49MCZtbV9hcz0wJm1tX2FkPTAmbW1fbXQ9MCZtbV9zYz0wJm1tX3NkYz0wJm5jcnM9NA%3D%3D&olive=1&callback=ITCbrp8kdoux76 Requested by Host: p93920.mycdn.co URL: https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US), Reverse DNS 18.65.c0ad.ip4.static.sl-reverse.com Software nginx / Resource Hash `de1b09c1563bee7b98d9f12a593604f875d684922db9b67ddc49223f9231a264` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Mon, 18 Oct 2021 04:41:29 GMT content-encoding gzip server nginx vary Accept-Encoding p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" cache-control no-cache content-type text/javascript;charset=utf-8 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	bounce-tag_80.2-1.js Show response p93920.mycdn.co/banners/bounce/	48 KB 18 KB	7ms 6ms	Script application/javascript	94.31.29.128 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://p93920.mycdn.co/banners/bounce/bounce-tag_80.2-1.js Requested by Host: clksite.com URL: https://clksite.com/adServe/banners?tid=93920_153711_2&pause=5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US), Reverse DNS 94.31.29.128.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash `8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:29 GMT content-encoding gzip last-modified Mon, 24 Jun 2019 11:33:16 GMT server NetDNA-cache/2.2 etag W/"5d10b4fc-be2b" vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=31104000 expires Thu, 13 Oct 2022 04:41:29 GMT
GET H2	200	it-banner-frame.css p93920.mycdn.co/uicomp/styles/dist/80.2-1/ Frame 7AD8	2 KB 924 B	6ms 6ms	Stylesheet text/css	94.31.29.128 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css Requested by Host: p93920.mycdn.co URL: https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US), Reverse DNS 94.31.29.128.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash `f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:29 GMT content-encoding gzip last-modified Mon, 24 Jun 2019 11:33:23 GMT server NetDNA-cache/2.2 etag W/"5d10b503-858" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31104000 expires Thu, 13 Oct 2022 04:41:29 GMT
GET H2	200	findBanner Show response mybetterdl.com/adServe/banners/	1 KB 2 KB	130ms 130ms	Script text/javascript	173.192.101.24 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://mybetterdl.com/adServe/banners/findBanner?num=1&keyword=%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%2C%20Whois%2C%20DNS%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%2C%20IP%2C%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF&tid=93920_153711_0&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp93920.mycdn.co&bs=17&referrer=https%3A%2F%2Fru.ntunhs.net%2FIPInfo%2FRU%2Findex.html&ap=cmp%3DBANNER%26evp%3Dw_Wj54-Mm6RB_AzGGnYx2mN_t7FXYY8WBtEpR8IILgOYizjZaBLQ0gAwEm_TlN-GZZJCxAdeOqU%26sjv%3D132.1%26ctid%3D0%26th%3D1200%26tw%3D1600%26inco%3D0%26tip%3D%25D0%2592%25D1%2581%25D0%25B5%2520IP-%25D0%25B0%25D0%25B4%25D1%2580%25D0%25B5%25D1%2581%25D0%25B0%2520%25D0%25B8%25D0%25BD%25D1%2584%25D0%25BE%25D1%2580%25D0%25BC%25D0%25B0%25D1%2586%25D0%25B8%25D0%25B8&pid=93920&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0wJmk9MCZvPTAmc29fZmI9LTEmc29fZ289LTEmc29fZ3A9LTEmc29fdHc9LTEmc3A9MDAwMDAwMDAwMDEwMDAwMDAwMDAwMDAmbW1fbW49MCZtbV9hcz0wJm1tX2FkPTAmbW1fbXQ9MCZtbV9zYz0wJm1tX3NkYz0wJm5jcnM9NA%3D%3D&olive=1&callback=ITC6sw8op2l4bt Requested by Host: p93920.mycdn.co URL: https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US), Reverse DNS 18.65.c0ad.ip4.static.sl-reverse.com Software nginx / Resource Hash `dc1e2dd2deff6cef7741a5764db7b177948aa7ae6ce8cf8ed057df218b51ca79` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Mon, 18 Oct 2021 04:41:29 GMT content-encoding gzip server nginx vary Accept-Encoding p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" cache-control no-cache content-type text/javascript;charset=utf-8 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	fallback_17x_en.jpg p93920.mycdn.co/ext/onn/clean/ Frame 7AD8	16 KB 16 KB	6ms 6ms	Image image/jpeg	94.31.29.128 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://p93920.mycdn.co/ext/onn/clean/fallback_17x_en.jpg Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US), Reverse DNS 94.31.29.128.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash `ab55dbc5cea96ae6448ae8f9cee76548642cb44c8004840bd499c00ef1504498` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:29 GMT last-modified Mon, 05 Feb 2018 08:27:38 GMT server NetDNA-cache/2.2 etag "5a78157a-3f24" x-cache HIT content-type image/jpeg cache-control max-age=31104000 accept-ranges bytes content-length 16164 expires Thu, 13 Oct 2022 04:41:29 GMT
GET H/1.1	200 OK	Cookie set BidVertiser.dbm Show response bdv.bidvertiser.com/ Frame 5D51	5 KB 6 KB	267ms 169ms	Document text/html	54.241.51.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=036197206189&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=036197206189&js1loc=-&loctitle=%20DNS Requested by Host: bdv.bidvertiser.com URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-241-51-109.us-west-1.compute.amazonaws.com Software / Resource Hash `5e499ce02abc2f96ca3916433dcf9ac38c278758bb400d88a7f313c90dbfc6b1` Request headers Host bdv.bidvertiser.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ru.ntunhs.net/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ Response headers Date Monday, 18-Oct-2021 04:41:29 GMT Cache-Control no-store Last-Modified Sunday, 18-Oct-2020 04:41:29 GMT Set-Cookie bdv_c10p=369; domain=.bidvertiser.com; path=/; expires=Tue, 19-Oct-2021 04:41:29 GMT bdv_c10p=1_1_1; domain=.bidvertiser.com; path=/; expires=Tue, 19-Oct-2021 04:41:29 GMT P3P policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC" Content-Type text/html; charset=utf-8 Content-Len 5319 CONNECTION Close
GET H2	200	it-banner-frame.css p93920.mycdn.co/uicomp/styles/dist/80.2-1/ Frame CDF1	2 KB 924 B	6ms 6ms	Stylesheet text/css	94.31.29.128 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css Requested by Host: p93920.mycdn.co URL: https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US), Reverse DNS 94.31.29.128.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash `f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:29 GMT content-encoding gzip last-modified Mon, 24 Jun 2019 11:33:23 GMT server NetDNA-cache/2.2 etag W/"5d10b503-858" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31104000 expires Thu, 13 Oct 2022 04:41:29 GMT
GET H2	200	fallback_17x_en.jpg p93920.mycdn.co/ext/onn/clean/ Frame CDF1	16 KB 16 KB	6ms 6ms	Image image/jpeg	94.31.29.128 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://p93920.mycdn.co/ext/onn/clean/fallback_17x_en.jpg Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US), Reverse DNS 94.31.29.128.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash `ab55dbc5cea96ae6448ae8f9cee76548642cb44c8004840bd499c00ef1504498` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:29 GMT last-modified Mon, 05 Feb 2018 08:27:38 GMT server NetDNA-cache/2.2 etag "5a78157a-3f24" x-cache HIT content-type image/jpeg cache-control max-age=31104000 accept-ranges bytes content-length 16164 expires Thu, 13 Oct 2022 04:41:29 GMT
GET H2	200	default.css d2b9l3u54v5v39.cloudfront.net/css/ Frame 5D51	1 KB 1 KB	7ms 6ms	Stylesheet text/css	99.86.3.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2b9l3u54v5v39.cloudfront.net/css/default.css Requested by Host: bdv.bidvertiser.com URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=036197206189&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=036197206189&js1loc=-&loctitle=%20DNS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.168 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-168.fra6.r.cloudfront.net Software Microsoft-IIS/10.0 / Resource Hash `27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bdv.bidvertiser.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 17 Oct 2021 20:30:13 GMT content-encoding gzip last-modified Mon, 21 Sep 2015 08:25:40 GMT server Microsoft-IIS/10.0 age 30301 etag "70d0ec1947f4d01:0" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 682 x-amz-cf-id S5GTL00zPYE6gYfNZKU-rjjuzb6pNmW4yYbSBq2EbssML3jmvfT14g==
GET H2	200	278x334.css d2b9l3u54v5v39.cloudfront.net/css/ Frame 5D51	3 KB 1 KB	9ms 9ms	Stylesheet text/css	99.86.3.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2b9l3u54v5v39.cloudfront.net/css/278x334.css?cbst=2 Requested by Host: bdv.bidvertiser.com URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=036197206189&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=036197206189&js1loc=-&loctitle=%20DNS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.168 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-168.fra6.r.cloudfront.net Software Microsoft-IIS/10.0 / Resource Hash `fe8bfa9fa17ceceaa5409472f51d712185ac0442c84747df85af7b7b68e4ea0d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bdv.bidvertiser.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 03:30:51 GMT content-encoding gzip last-modified Thu, 18 Jan 2018 16:21:03 GMT server Microsoft-IIS/10.0 age 4238 etag "e29fe0557890d31:0" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 921 x-amz-cf-id I8lUnpo-bcSpLCC4uHLgA_S_e2Il4fnfyLgdOTvnH0ypCG7dJaBtuw==
GET H2	200	bdv_fsthd.js Show response d2b9l3u54v5v39.cloudfront.net/activejs/ Frame 5D51	1 KB 1 KB	7ms 7ms	Script application/javascript	99.86.3.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js Requested by Host: bdv.bidvertiser.com URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=036197206189&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=036197206189&js1loc=-&loctitle=%20DNS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.168 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-168.fra6.r.cloudfront.net Software Microsoft-IIS/10.0 / Resource Hash `871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bdv.bidvertiser.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 00:54:47 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Thu, 14 Jan 2021 11:27:17 GMT server Microsoft-IIS/10.0 age 13866 etag "977ef3668ead61:0" x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 1199 x-amz-cf-id Gu4TQp_zuxTDenq5fET5slnSjGiSs_ELo1273e2cZVsNXxo_S7dKcA==
GET H2	204	display.php www.greatdexchange.com/ad/ Frame DA18	0 0	124ms 124ms	Document text/plain	35.201.103.0 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.greatdexchange.com/ad/display.php?stamat=m%257C%252Cs4ifzYjLqB1dAN0dEdHP3xP.378%252CZMkKdRAQlkuDbgTABrav5NV1jv5Au773xff4FW3Vpntds3Lpn9WSxACUKDKkv83Ib3z7veiac8sleekPQRDmIUFcGtz6lq_CgoVQHinZwzo%252C&cbur=0.05373609348537567&cbtitle=%D0%92%D1%81%D0%B5%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%B8&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=%D0%9F%D0%BE%D0%BB%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B0%D0%B7%D0%B0%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%BF%D0%BE%20IP%2FDN%2FWhois%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0.&cbkeywords=%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%2C%20Whois%2C%20DNS%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%2C%20IP%2C%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B8%D0%BC%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20Whois%20IP%2C%20IP%20%2F%20Domain%2C%20%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B8%D0%BC%D1%8F%2C%20IP-%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%2C%20%D0%BE%D1%82%D1%81%D0%BB%D0%B5%D0%B6%D0%B8%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%B8%D1%82%D1%8C%20IP%2C%20IP%20%D0%B4%D0%BB%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%2C%20IP%2C&cbref= Requested by Host: www.greatdexchange.com URL: https://www.greatdexchange.com/a/display.php?r=1079261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.103.0 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 0.103.201.35.bc.googleusercontent.com Software openresty / Resource Hash Request headers :method GET :authority www.greatdexchange.com :scheme https :path /ad/display.php?stamat=m%257C%252Cs4ifzYjLqB1dAN0dEdHP3xP.378%252CZMkKdRAQlkuDbgTABrav5NV1jv5Au773xff4FW3Vpntds3Lpn9WSxACUKDKkv83Ib3z7veiac8sleekPQRDmIUFcGtz6lq_CgoVQHinZwzo%252C&cbur=0.05373609348537567&cbtitle=%D0%92%D1%81%D0%B5%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%B8&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=%D0%9F%D0%BE%D0%BB%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B0%D0%B7%D0%B0%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%BF%D0%BE%20IP%2FDN%2FWhois%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0.&cbkeywords=%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%2C%20Whois%2C%20DNS%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%2C%20IP%2C%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B8%D0%BC%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20Whois%20IP%2C%20IP%20%2F%20Domain%2C%20%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B8%D0%BC%D1%8F%2C%20IP-%D1%82%D1%80%D0%B5%D0%BA%D0%B5%D1%80%2C%20%D0%BE%D1%82%D1%81%D0%BB%D0%B5%D0%B6%D0%B8%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%B8%D1%82%D1%8C%20IP%2C%20IP%20%D0%B4%D0%BB%D1%8F%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%2C%20IP%2C&cbref= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ru.ntunhs.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ Response headers server openresty date Mon, 18 Oct 2021 04:41:29 GMT access-control-allow-origin * via 1.1 google alt-svc clear
GET H3	200	search.png ru.ntunhs.net/ad/	28 KB 29 KB	500ms 500ms	Image image/png	104.21.8.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ru.ntunhs.net/ad/search.png Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.118 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `555f7b2f284ecc9727906fc80c80bcf7079a77bf6cef273a2e36bd779fc40941` Request headers :path /ad/search.png pragma no-cache cookie rhid_c=0 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority ru.ntunhs.net referer https://ru.ntunhs.net/IPInfo/RU/index.html :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/IPInfo/RU/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:30 GMT cf-cache-status REVALIDATED last-modified Wed, 07 Sep 2016 07:52:44 GMT server cloudflare etag "6fb7-53be632c76b00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zm4abunbIHlf%2B3Ag9PxzY1%2BJUoIkWrIDeReItwtbVAL%2FoYJ42OT36ijhescjdkpa4LBp9yP%2F3W4FI%2FumLUsno8jexIUsEO0URYbD%2B4v6XP0E1idq9t4gFDsGBRegMMzD"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1800, s-maxage=10 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 69ff18390c5a3250-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 28599
GET H2	200	findBanner Show response mybetterdl.com/adServe/banners/	1 KB 2 KB	133ms 133ms	Script text/javascript	173.192.101.24 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://mybetterdl.com/adServe/banners/findBanner?num=1&keyword=%20%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B0%2C%20Whois%2C%20DNS%2C%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B8%D0%BC%D0%B5%D0%BD%2C%20IP-%D0%B0%D0%B4%D1%80%D0%B5%D1%81%2C%20IP%2C%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF&tid=93920_153711_0&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp93920.mycdn.co&bs=17&referrer=https%3A%2F%2Fru.ntunhs.net%2FIPInfo%2FRU%2Findex.html&ap=cmp%3DBANNER%26evp%3Dw_Wj54-Mm6RB_AzGGnYx2mN_t7FXYY8WBtEpR8IILgOYizjZaBLQ0gAwEm_TlN-GZZJCxAdeOqU%26sjv%3D132.1%26ctid%3D0%26th%3D1200%26tw%3D1600%26inco%3D0%26tip%3D%25D0%2592%25D1%2581%25D0%25B5%2520IP-%25D0%25B0%25D0%25B4%25D1%2580%25D0%25B5%25D1%2581%25D0%25B0%2520%25D0%25B8%25D0%25BD%25D1%2584%25D0%25BE%25D1%2580%25D0%25BC%25D0%25B0%25D1%2586%25D0%25B8%25D0%25B8&pid=93920&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0wJmk9MCZvPTAmc29fZmI9LTEmc29fZ289LTEmc29fZ3A9LTEmc29fdHc9LTEmc3A9MDAwMDAwMDAwMDEwMDAwMDAwMDAwMDAmbW1fbW49MCZtbV9hcz0wJm1tX2FkPTAmbW1fbXQ9MCZtbV9zYz0wJm1tX3NkYz0wJm5jcnM9NA%3D%3D&olive=1&callback=ITCwfrycndn1hp Requested by Host: p93920.mycdn.co URL: https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US), Reverse DNS 18.65.c0ad.ip4.static.sl-reverse.com Software nginx / Resource Hash `3c378858d9eba6b10184257e1e15394e8b6c336599e8f283fef8b211a2689acf` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Mon, 18 Oct 2021 04:41:29 GMT content-encoding gzip server nginx vary Accept-Encoding p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" cache-control no-cache content-type text/javascript;charset=utf-8 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	it-banner-frame.css p93920.mycdn.co/uicomp/styles/dist/80.2-1/ Frame C06B	2 KB 924 B	6ms 6ms	Stylesheet text/css	94.31.29.128 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css Requested by Host: p93920.mycdn.co URL: https://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US), Reverse DNS 94.31.29.128.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash `f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:30 GMT content-encoding gzip last-modified Mon, 24 Jun 2019 11:33:23 GMT server NetDNA-cache/2.2 etag W/"5d10b503-858" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type text/css cache-control max-age=31104000 expires Thu, 13 Oct 2022 04:41:30 GMT
GET H2	200	fallback_17x_en.jpg p93920.mycdn.co/ext/onn/clean/ Frame C06B	16 KB 16 KB	6ms 6ms	Image image/jpeg	94.31.29.128 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://p93920.mycdn.co/ext/onn/clean/fallback_17x_en.jpg Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US), Reverse DNS 94.31.29.128.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash `ab55dbc5cea96ae6448ae8f9cee76548642cb44c8004840bd499c00ef1504498` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 04:41:30 GMT last-modified Mon, 05 Feb 2018 08:27:38 GMT server NetDNA-cache/2.2 etag "5a78157a-3f24" x-cache HIT content-type image/jpeg cache-control max-age=31104000 accept-ranges bytes content-length 16164 expires Thu, 13 Oct 2022 04:41:30 GMT
GET H/1.1	200 OK	Cookie set BidVertiser.dbm Show response bdv.bidvertiser.com/ Frame B966	5 KB 6 KB	483ms 164ms	Document text/html	54.241.51.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=7688940008387&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=7688940008387&js1loc=-&loctitle=%20DNS Requested by Host: bdv.bidvertiser.com URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-241-51-109.us-west-1.compute.amazonaws.com Software / Resource Hash `5e499ce02abc2f96ca3916433dcf9ac38c278758bb400d88a7f313c90dbfc6b1` Request headers Host bdv.bidvertiser.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ru.ntunhs.net/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ru.ntunhs.net/ Response headers Date Monday, 18-Oct-2021 04:41:30 GMT Cache-Control no-store Last-Modified Sunday, 18-Oct-2020 04:41:30 GMT Set-Cookie bdv_c10p=369; domain=.bidvertiser.com; path=/; expires=Tue, 19-Oct-2021 04:41:30 GMT bdv_c10p=1_1_1; domain=.bidvertiser.com; path=/; expires=Tue, 19-Oct-2021 04:41:30 GMT P3P policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC" Content-Type text/html; charset=utf-8 Content-Len 5319 CONNECTION Close
GET H2	200	default.css d2b9l3u54v5v39.cloudfront.net/css/ Frame B966	1 KB 1 KB	7ms 6ms	Stylesheet text/css	99.86.3.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2b9l3u54v5v39.cloudfront.net/css/default.css Requested by Host: bdv.bidvertiser.com URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=7688940008387&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=7688940008387&js1loc=-&loctitle=%20DNS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.168 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-168.fra6.r.cloudfront.net Software Microsoft-IIS/10.0 / Resource Hash `27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bdv.bidvertiser.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 17 Oct 2021 20:30:13 GMT content-encoding gzip last-modified Mon, 21 Sep 2015 08:25:40 GMT server Microsoft-IIS/10.0 age 30302 etag "70d0ec1947f4d01:0" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 682 x-amz-cf-id 0vPLEeDMgLhBB7jPNG71C72f8bCxkI_JoZPtn5BLldc4MJEUZW8PAQ==
GET H2	200	278x334.css d2b9l3u54v5v39.cloudfront.net/css/ Frame B966	3 KB 1 KB	8ms 7ms	Stylesheet text/css	99.86.3.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2b9l3u54v5v39.cloudfront.net/css/278x334.css?cbst=2 Requested by Host: bdv.bidvertiser.com URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=7688940008387&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=7688940008387&js1loc=-&loctitle=%20DNS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.168 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-168.fra6.r.cloudfront.net Software Microsoft-IIS/10.0 / Resource Hash `fe8bfa9fa17ceceaa5409472f51d712185ac0442c84747df85af7b7b68e4ea0d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bdv.bidvertiser.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 03:30:51 GMT content-encoding gzip last-modified Thu, 18 Jan 2018 16:21:03 GMT server Microsoft-IIS/10.0 age 4239 etag "e29fe0557890d31:0" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 921 x-amz-cf-id pN6d4hCrDlHOF4fl4bGjQFEFQFGPHU2DpSO317TB1m-Ru1cPboIPJQ==
GET H2	200	bdv_fsthd.js Show response d2b9l3u54v5v39.cloudfront.net/activejs/ Frame B966	1 KB 1 KB	8ms 7ms	Script application/javascript	99.86.3.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js Requested by Host: bdv.bidvertiser.com URL: https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228&RD=7688940008387&DIF=1&bd_ref_v=ru.ntunhs.net&tref=1&win_name=null&docref=&jsrand=7688940008387&js1loc=-&loctitle=%20DNS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.168 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-168.fra6.r.cloudfront.net Software Microsoft-IIS/10.0 / Resource Hash `871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bdv.bidvertiser.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 00:54:47 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Thu, 14 Jan 2021 11:27:17 GMT server Microsoft-IIS/10.0 age 13867 etag "977ef3668ead61:0" x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 1199 x-amz-cf-id pjH0paUgCuWkoTQvq6gcccIGgABJp2SKaxrhGp34INHQ8nnlPBK0Xg==
POST H3	204	mod_pagespeed_beacon Show response ru.ntunhs.net/	0 514 B	505ms 505ms	XHR text/plain	104.21.8.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ru.ntunhs.net/mod_pagespeed_beacon?url=http%3A%2F%2Fru.ntunhs.net%2FIPInfo%2FRU%2Findex.html Requested by Host: ru.ntunhs.net URL: https://ru.ntunhs.net/IPInfo/RU/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.118 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-fetch-mode cors origin https://ru.ntunhs.net accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest empty cookie rhid_c=0 content-length 40 :path /mod_pagespeed_beacon?url=http%3A%2F%2Fru.ntunhs.net%2FIPInfo%2FRU%2Findex.html pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/x-www-form-urlencoded accept / cache-control no-cache :authority ru.ntunhs.net referer https://ru.ntunhs.net/IPInfo/RU/index.html :scheme https sec-fetch-site same-origin :method POST Referer https://ru.ntunhs.net/IPInfo/RU/index.html Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 18 Oct 2021 04:41:31 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmThRldrEZTZ8Sw%2FEwySIo1zl%2Fch7Op6uDacw%2FPfHvtRxSiTaSslVa3dFvP%2Fgmw%2FYJr1O3uwKJJB9R97nNtOpksZUyZRUlQ3KaCYtFjdsvxezbUcmiYe%2Boan%2FMvbeXdo"}],"group":"cf-nel","max_age":604800} cache-control max-age=0, no-cache cf-ray 69ff183f28093250-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mybetterdl.com/adServe	1970-01-19 22:03:38	Name: capdata Value: 490218s.1_1634532089%7C643145s.2_1634532089
ru.ntunhs.net/	1969-12-31 23:59:59	Name: rhid_c Value: 0
.mybetterdl.com/	1970-01-20 02:21:24	Name: rhid Value: 79896854234

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ru.ntunhs.net/js/style.css Message: Failed to load resource: the server responded with a status of 502 ()
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p93920.clksite.com/adServe/banners?tid=93920_153711_0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.greatdexchange.com/a/display.php?r=1079261, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p93920.clksite.com/adServe/banners?tid=93920_153711_0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.greatdexchange.com/a/display.php?r=1079261, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://bdv.bidvertiser.com/BidVertiser.dbm?pid=556857&bid=1397228, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p93920.clksite.com/adServe/banners?tid=93920_153711_0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.greatdexchange.com/a/display.php?r=1079261, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bdv.bidvertiser.com
clksite.com
d2b9l3u54v5v39.cloudfront.net
mybetterdl.com
p93920.clksite.com
p93920.mycdn.co
ru.ntunhs.net
tracker.ntunhs.net
www.greatdexchange.com
104.21.8.118
173.192.101.24
35.201.103.0
54.241.51.109
94.31.29.128
99.86.3.168
070dfbd9cf93117d3f74eae6bd1c3d4d919b85f8d009379cf501acc76f8a5b69
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af
2e43a4dba40cfdbd5a628c6b10c4f53fff5c8b04e1b838eddb1d710dc165c002
3a257ffb6391ef9c492fe022364405c5813658006ff09118b2e6f0ae332f76b0
3c378858d9eba6b10184257e1e15394e8b6c336599e8f283fef8b211a2689acf
555f7b2f284ecc9727906fc80c80bcf7079a77bf6cef273a2e36bd779fc40941
55f244b1f33bf7a4dc2d08d9a81ca8ed28e4eb9faf722a1f8c819d5ceb87a602
5e499ce02abc2f96ca3916433dcf9ac38c278758bb400d88a7f313c90dbfc6b1
6bd571bcd252d149f9e9beabc2ef1d4d422261568227ba582f44292ff2ae90ce
871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617
8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da
8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb
8c7153c21017d67726c618f3c5ec108f6b7b50402114a6e720f1d57b6760a6ea
95c4c10177875770be61569c104a83900a32c329f70eb49cf134aa555e283342
ab55dbc5cea96ae6448ae8f9cee76548642cb44c8004840bd499c00ef1504498
dc1e2dd2deff6cef7741a5764db7b177948aa7ae6ce8cf8ed057df218b51ca79
de1b09c1563bee7b98d9f12a593604f875d684922db9b67ddc49223f9231a264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51
fe08d8b9b5cce12bc7d204500e5665add3225795e02b445c0cdaf6fe6be42c21
fe8bfa9fa17ceceaa5409472f51d712185ac0442c84747df85af7b7b68e4ea0d

ru.ntunhs.net Open in urlscan Pro 104.21.8.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

0 %IPv6

7 Domains

9 Subdomains

6 IPs

3 Countries

337 kBTransfer

635 kBSize

3 Cookies

6 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ru.ntunhs.net Open in urlscan Pro
104.21.8.118 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

6
IPs

3
Countries

337 kB
Transfer

635 kB
Size

3
Cookies

42 HTTP transactions
0 data transactions