izzylaif.com Open in urlscan Pro
2606:4700:3033::6815:57d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://izzylaif.com/go.php
Effective URL:
https://izzylaif.com/
Submission: On February 14 via api (February 14th 2021, 3:24:17 pm UTC) from US

Summary HTTP 139 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 46 IPs in 5 countries across 48 domains to perform 139 HTTP transactions. The main IP is 2606:4700:3033::6815:57d, located in United States and belongs to CLOUDFLARENET, US. The main domain is izzylaif.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 25th 2020. Valid for: a year.

This is the only time izzylaif.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2606:4700:303... 2606:4700:3033::6815:57d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	193.232.121.29 193.232.121.29	50214 (QWARTA) (QWARTA)
2 14	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 29	195.201.243.72 195.201.243.72	24940 (HETZNER-AS) (HETZNER-AS)
1 3	159.69.74.7 159.69.74.7	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	95.213.133.115 95.213.133.115	49505 (SELECTEL) (SELECTEL)
2 3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
2 2	193.232.148.150 193.232.148.150	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	195.209.108.37 195.209.108.37	52007 (ADRIVER-AS) (ADRIVER-AS)
2	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
2 2	194.190.117.93 194.190.117.93	204600 (REPUBLER-AS) (REPUBLER-AS)
2 3	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.16.23 37.18.16.23	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.134 185.15.175.134	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	195.201.106.117 195.201.106.117	24940 (HETZNER-AS) (HETZNER-AS)
1 1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.36 109.248.237.36	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3 3	188.34.131.134 188.34.131.134	24940 (HETZNER-AS) (HETZNER-AS)
3 6	88.99.214.77 88.99.214.77	24940 (HETZNER-AS) (HETZNER-AS)
3 3	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
3 5	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1 1	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
4 7	176.99.5.102 176.99.5.102	49352 (LOGOL-AS) (LOGOL-AS)
4 4	217.66.147.166 217.66.147.166	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.207 213.87.44.207	13174 (MTSNET Mo...) (MTSNET Moscow)
4	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
2 3	144.76.118.200 144.76.118.200	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
1 1	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2	2606:4700:10:... 2606:4700:10::6816:557	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
2 2	188.42.29.81 188.42.29.81	7979 (SERVERS-COM) (SERVERS-COM)
1	23.111.100.228 23.111.100.228	7979 (SERVERS-COM) (SERVERS-COM)
2	2a02:6b8::16b 2a02:6b8::16b	13238 (YANDEX) (YANDEX)
1	194.176.118.216 194.176.118.216	49352 (LOGOL-AS) (LOGOL-AS)
1	82.202.224.34 82.202.224.34	50340 (SELECTEL-MSK) (SELECTEL-MSK)
2 4	185.15.175.133 185.15.175.133	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
10	2606:4700:303... 2606:4700:3030::6815:526e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
139	46

5 2606:4700:3033::6815:57d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

izzylaif.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.232.121.29 (Russian Federation)

ASN50214 (QWARTA, RU)

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 195.201.243.72 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.69.74.7 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1290151.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

p1.dircont3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.213.133.115 (Russian Federation)

ASN49505 (SELECTEL, RU)

ps.ntvk1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.150 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.37 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.93 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.158 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.159 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.23 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.134 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.106.117 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.106.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.36 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Wjelsryp, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.34.131.134 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.134.131.34.188.clients.your-server.de

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 88.99.214.77 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-214-77.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.16.14 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.108.119.43 (Russian Federation) 3 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.147 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation)

ASN16345 (BEE-AS Russia, RU)

0100007f7a402960f003bc9902ecdc80-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 176.99.5.102 (Russian Federation) 4 redirects

ASN49352 (LOGOL-AS, RU)
PTR: d41228.acod.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.166 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-166-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.207 (Moscow, Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-207-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 144.76.118.200 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.200.118.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Podolsk, Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:557 (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.29.81 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.100.228 (Russian Federation)

ASN7979 (SERVERS-COM, US)

pbs.alfasense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::16b (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.176.118.216 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: d40666.acod.regrucolo.ru

ps5.ntvk1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.224.34 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

rtb.beroll.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.133 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3030::6815:526e (United States)

ASN13335 (CLOUDFLARENET, US)

cloudfastads.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.cloudfastads.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	acint.net 1 redirects www.acint.net acint.net	18 KB
20	yandex.ru 2 redirects mc.yandex.ru an.yandex.ru matchid.adfox.yandex.ru	187 KB
10	cloudfastads.ru cloudfastads.ru i.cloudfastads.ru	120 KB
9	gstatic.com fonts.gstatic.com	91 KB
7	rktch.com 4 redirects ut.rktch.com	3 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	159 KB
6	yastatic.net yastatic.net	245 KB
6	mts.ru 6 redirects sm.rtb.mts.ru tech.rtb.mts.ru	4 KB
6	1dmp.io 3 redirects sync.1dmp.io	3 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru dmg.digitaltarget.ru	22 KB
5	aidata.io 3 redirects x01.aidata.io	3 KB
5	googleapis.com fonts.googleapis.com	4 KB
5	izzylaif.com 1 redirects izzylaif.com	173 KB
4	advarkads.com 2 redirects s3.advarkads.com api.advarkads.com	8 KB
4	adriver.ru 2 redirects ad.adriver.ru ssp.adriver.ru	2 KB
4	mail.ru ad.mail.ru top-fwz1.mail.ru	12 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	7 KB
4	sape.ru 1 redirects cdn-rtb.sape.ru ssp-rtb.sape.ru	58 KB
3	buzzoola.com 2 redirects exchange.buzzoola.com	726 B
3	weborama.fr 3 redirects redirect.frontend.weborama.fr	792 B
3	com.ru 3 redirects adx.com.ru	2 KB
3	bumlam.com 2 redirects sync.bumlam.com	2 KB
3	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	republer.com 2 redirects sync.republer.com	950 B
2	adhigh.net 2 redirects px.adhigh.net	921 B
2	ntvk1.ru ps.ntvk1.ru ps5.ntvk1.ru	5 KB
2	google-analytics.com www.google-analytics.com Failed ssl.google-analytics.com	17 KB
1	jsdelivr.net cdn.jsdelivr.net	23 KB
1	cloudflare.com cdnjs.cloudflare.com	1 KB
1	beroll.ru rtb.beroll.ru	86 B
1	alfasense.com pbs.alfasense.com	246 B
1	yadro.ru 1 redirects counter.yadro.ru	287 B
1	gnezdo.ru fcgi4.gnezdo.ru	172 B
1	new-programmatic.com match.new-programmatic.com	215 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	327 B
1	beeline.ru 0100007f7a402960f003bc9902ecdc80-sp.ops.beeline.ru	628 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru	416 B
1	relap.io relap.io	1 KB
1	adlmerge.com adlmerge.com	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru	108 B
1	otm-r.com sync.dmp.otm-r.com	69 B
1	hybrid.ai dm.hybrid.ai	238 B
1	dircont3.com p1.dircont3.com	9 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	803 B
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	642 B
139	48

	Domain	Requested by
26	www.acint.net	1 redirects cdn-rtb.sape.ru izzylaif.com www.acint.net
14	mc.yandex.ru	2 redirects izzylaif.com mc.yandex.ru cloudfastads.ru
9	cloudfastads.ru	izzylaif.com cloudfastads.ru
9	fonts.gstatic.com	fonts.googleapis.com
7	ut.rktch.com	4 redirects www.acint.net izzylaif.com
6	yastatic.net	cdn-rtb.sape.ru yastatic.net an.yandex.ru
6	sync.1dmp.io	3 redirects www.acint.net s3.advarkads.com izzylaif.com
5	x01.aidata.io	3 redirects www.acint.net
5	fonts.googleapis.com	izzylaif.com cloudfastads.ru
5	pagead2.googlesyndication.com	izzylaif.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	izzylaif.com	1 redirects izzylaif.com
4	dmg.digitaltarget.ru	2 redirects www.acint.net
4	an.yandex.ru	www.acint.net yastatic.net izzylaif.com
4	sm.rtb.mts.ru	4 redirects
3	top-fwz1.mail.ru	izzylaif.com top-fwz1.mail.ru
3	exchange.buzzoola.com	2 redirects izzylaif.com
3	redirect.frontend.weborama.fr	3 redirects
3	adx.com.ru	3 redirects
3	sync.bumlam.com	2 redirects www.acint.net
3	acint.net	www.acint.net
3	ads.betweendigital.com	2 redirects www.acint.net
3	ssp-rtb.sape.ru	1 redirects cdn-rtb.sape.ru
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	ssl.google-analytics.com	izzylaif.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	matchid.adfox.yandex.ru	yastatic.net
2	api.advarkads.com	2 redirects
2	s3.advarkads.com	www.acint.net s3.advarkads.com
2	tech.rtb.mts.ru	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync3.adsniper.ru	2 redirects
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
1	i.cloudfastads.ru	izzylaif.com
1	cdn.jsdelivr.net	cloudfastads.ru
1	cdnjs.cloudflare.com	cloudfastads.ru
1	rtb.beroll.ru	izzylaif.com
1	ps5.ntvk1.ru	izzylaif.com
1	pbs.alfasense.com	yastatic.net
1	counter.yadro.ru	1 redirects
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	s.uuidksinc.net	1 redirects
1	0100007f7a402960f003bc9902ecdc80-sp.ops.beeline.ru	www.acint.net
1	sape-sync.rutarget.ru	1 redirects
1	relap.io	www.acint.net
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm.hybrid.ai	www.acint.net
1	ad.mail.ru	www.acint.net
1	ps.ntvk1.ru	p1.dircont3.com
1	p1.dircont3.com	cdn-rtb.sape.ru
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn-rtb.sape.ru	izzylaif.com
0	www.google-analytics.com Failed	izzylaif.com
139	62

This site contains links to these domains. Also see Links.

Domain
rtb.sape.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-25` - `2021-07-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.sape.ru R3	`2020-12-17` - `2021-03-17`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.acint.net R3	`2020-12-17` - `2021-03-17`	3 months	crt.sh
1088415191.rsc.cdn77.org R3	`2020-12-28` - `2021-03-28`	3 months	crt.sh
*.ntvk1.ru Sectigo RSA Domain Validation Secure Server CA	`2020-05-11` - `2021-08-09`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.bumlam.com R3	`2021-01-06` - `2021-04-06`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2021-01-28` - `2021-04-28`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-07` - `2021-08-07`	a year	crt.sh
adlmerge.com R3	`2021-01-20` - `2021-04-20`	3 months	crt.sh
relap.io GeoTrust RSA CA 2018	`2020-10-01` - `2021-10-06`	a year	crt.sh
my.aidata.me Sectigo RSA Domain Validation Secure Server CA	`2020-02-25` - `2022-02-25`	2 years	crt.sh
sync.1dmp.io R3	`2021-01-21` - `2021-04-21`	3 months	crt.sh
*.ops.beeline.ru Sectigo RSA Domain Validation Secure Server CA	`2020-06-23` - `2022-06-24`	2 years	crt.sh
ut.rktch.com R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
an.yandex.by Yandex CA	`2020-10-01` - `2021-04-01`	6 months	crt.sh
new-programmatic.com Let's Encrypt Authority X3	`2020-11-26` - `2021-02-24`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2020-12-09` - `2021-03-09`	3 months	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.yastatic.net Yandex CA	`2020-09-29` - `2021-03-30`	6 months	crt.sh
*.alfasense.com AlphaSSL CA - SHA256 - G2	`2020-11-24` - `2021-12-20`	a year	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2020-09-29` - `2021-03-24`	6 months	crt.sh
*.buzzoola.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-30` - `2022-09-28`	2 years	crt.sh
*.beroll.ru AlphaSSL CA - SHA256 - G2	`2021-02-11` - `2022-03-15`	a year	crt.sh
dmg.digitaltarget.ru R3	`2021-01-18` - `2021-04-18`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://izzylaif.com/
Frame ID: 7542FB26815B1D48F2B31456E9D60759
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: A9605600882AB9163041A846A1C732A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3196505394625126&output=html&adk=1812271804&adf=3025194257&lmt=1613316217&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fizzylaif.com%2Fgo.php&ea=0&flash=0&pra=5&wgl=1&dt=1613316217853&bpp=12&bdt=81&idt=117&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2643453367151&frm=20&pv=2&ga_vid=372578263.1613316218&ga_sid=1613316218&ga_hid=465261407&ga_fc=0&ga_wpids=UA-28214854-5&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=329793659537166&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=138
Frame ID: 4DF0446508D358A510954CE30F2151A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3196505394625126&output=html&h=280&slotname=9228976308&adk=1927957476&adf=777752552&pi=t.ma~as.9228976308&w=336&lmt=1613316217&psa=0&format=336x280&url=https%3A%2F%2Fizzylaif.com%2Fgo.php&flash=0&wgl=1&dt=1613316217865&bpp=3&bdt=94&idt=132&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2643453367151&frm=20&pv=1&ga_vid=372578263.1613316218&ga_sid=1613316218&ga_hid=465261407&ga_fc=0&ga_wpids=UA-28214854-5&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=16&ady=664&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=329793659537166&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Y6rLVsnYwu&p=https%3A//izzylaif.com&dtd=138
Frame ID: 2FD7AAA764A724060D2E62C81356E6DE
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14
Frame ID: 21D13C765843FF8787D8D875A90987DC
Requests: 29 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F7A402960F003BC9902ECDC80
Frame ID: 717E38367446EE3E1D1E91F60FB42E46
Requests: 3 HTTP requests in this frame

Frame: https://cloudfastads.ru/data/iframe/29058/desktop/5d67b88f5b42dd1803ea7201
Frame ID: 54FFE49E4103FC643287D3C8D0A1D3D7
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 70DBB9B4AA99D9AF973E2E8C16889476
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://izzylaif.com/go.php HTTP 302
https://izzylaif.com/go.php Page URL
https://izzylaif.com/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /https?:\/\/an\.yandex\.ru\//i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

139
Requests

98 %
HTTPS

34 %
IPv6

48
Domains

62
Subdomains

46
IPs

5
Countries

1189 kB
Transfer

3288 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://rtb.sape.ru/?utm_source=adsbyrtbsape&utm_medium=banner&utm_campaign=overlay
Title: Реклама от RtbSape

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://izzylaif.com/go.php HTTP 302
https://izzylaif.com/go.php Page URL
https://izzylaif.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://izzylaif.com/go.php HTTP 302
https://izzylaif.com/go.php

Request Chain 14

https://mc.yandex.ru/watch/15024994?wmode=7&page-url=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afp%3A179%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A728287809109%3Ahid%3A273178402%3Az%3A60%3Ai%3A20210214162337%3Aet%3A1613316218%3Ac%3A1%3Arn%3A1018438240%3Au%3A16133162181034902306%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613316217642%3Ads%3A0%2C0%2C53%2C1%2C72%2C71%2C1%2C22%2C0%2C%2C%2C%2C151%3Adsn%3A0%2C0%2C54%2C0%2C71%2C71%2C1%2C24%2C0%2C%2C%2C%2C150%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613316218%3At%3ADownload%20Page HTTP 302
https://mc.yandex.ru/watch/15024994/1?wmode=7&page-url=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afp%3A179%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A728287809109%3Ahid%3A273178402%3Az%3A60%3Ai%3A20210214162337%3Aet%3A1613316218%3Ac%3A1%3Arn%3A1018438240%3Au%3A16133162181034902306%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613316217642%3Ads%3A0%2C0%2C53%2C1%2C72%2C71%2C1%2C22%2C0%2C%2C%2C%2C151%3Adsn%3A0%2C0%2C54%2C0%2C71%2C71%2C1%2C24%2C0%2C%2C%2C%2C150%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613316218%3At%3ADownload%20Page

Request Chain 35

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F7A402960F003BC9902ECDC80 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F7A402960F003BC9902ECDC80&crf=1

Request Chain 36

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007F7A402960310067190270891C

Request Chain 37

https://px.adhigh.net/p/cm/sape?u=0100007F7A402960F003BC9902ECDC80 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007F7A402960F003BC9902ECDC80&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=7cCoalogoNg.AikABlF3oSP4Rw

Request Chain 39

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5324010975 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AyF-8IJEEgFhF7h7qJ5AEcg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F7A402960F003BC9902ECDC80

Request Chain 40

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=1c73a3d4-8a36-48cd-9b77-3a3eea34cea1 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj6gKWBBlIEioaQK2IkMWM3M2EzZDQtOGEzNi00OGNkLTliNzctM2EzZWVhMzRjZWEx HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj6gKWBBlIEioaQK2IkMWM3M2EzZDQtOGEzNi00OGNkLTliNzctM2EzZWVhMzRjZWExogEQnMxK1m7YEeum6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABj6gKWBBmIkMWM3M2EzZDQtOGEzNi00OGNkLTliNzctM2EzZWVhMzRjZWExogEQnMxK1m7YEeum6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARj6gKWBBmIkMWM3M2EzZDQtOGEzNi00OGNkLTliNzctM2EzZWVhMzRjZWExogEQnMxK1m7YEeum6QAlkMgkNw**

Request Chain 44

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf3pAKWDwA7yZAuzcgA HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 45

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F7A402960F003BC9902ECDC80 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F7A402960F003BC9902ECDC80

Request Chain 48

https://adx.com.ru/sape-sync?uid=0100007F7A402960F003BC9902ECDC80 HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F7A402960F003BC9902ECDC80 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=6029407aa897d84d6924a236&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253DYABBI%252526id%25253D6029407aa897d84d6924a236%252526dest%25253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D6029407aa897d84d6924a236%2526dest%253D%26webouid%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D6029407aa897d84d6924a236%2526dest%253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=3202952553 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DYABBI%26id%3D6029407aa897d84d6924a236%26dest%3D&webouid=XKX6P8P.988CRnciw2/rD. HTTP 302
https://x01.aidata.io/0.gif?pid=YABBI&id=6029407aa897d84d6924a236&dest= HTTP 302
https://x01.aidata.io/0.gif?pid=YABBI&id=6029407aa897d84d6924a236&dest=&bounce=1

Request Chain 49

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7A402960F003BC9902ECDC80 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7A402960F003BC9902ECDC80&cs=1

Request Chain 50

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=HCUbWvJdOMow

Request Chain 51

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=f9b5df77-095c-522d-89e2-6fcfe9cb2fb5

Request Chain 54

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F7A402960F003BC9902ECDC80 HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D380a6beb-3f52-486a-84c9-e89696f03d55&ssp=sape&exu=0100007F7A402960F003BC9902ECDC80 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=380a6beb-3f52-486a-84c9-e89696f03d55&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FOApr6z9SSGqEyeiWlvA9VQ%3Flocation%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D125%2526euid%253D380a6beb-3f52-486a-84c9-e89696f03d55%26sign%3D3681656732 HTTP 302
https://an.yandex.ru/setud/mts_banner/OApr6z9SSGqEyeiWlvA9VQ?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D380a6beb-3f52-486a-84c9-e89696f03d55&sign=3681656732

Request Chain 55

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=dc62a8d4-5181-4341-7845-e8696cd48777

Request Chain 56

https://s.uuidksinc.net/match/396/0100007F7A402960F003BC9902ECDC80 HTTP 302
https://www.acint.net/match?dp=127&euid=ysCvyPnUZfLMwYirFSW1

Request Chain 59

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F7A402960F003BC9902ECDC80 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F7A402960F003BC9902ECDC80&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 68

https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F7A402960F003BC9902ECDC80 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d68f01-aada-44a8-a280-06f8472bdbbb HTTP 302
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d68f01-aada-44a8-a280-06f8472bdbbb&cs=1

Request Chain 79

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID} HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=XKX6P8P.988CRnciw2/rD.

Request Chain 81

https://ut.rktch.com/matchbt?bi=29 HTTP 302
https://sm.rtb.mts.ru/p?ssp=natimatica&id=40df4c19d66c4ca4af4736ed66c5ad599320 HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D380a6beb-3f52-486a-84c9-e89696f03d55&ssp=natimatica&exu=40df4c19d66c4ca4af4736ed66c5ad599320 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=380a6beb-3f52-486a-84c9-e89696f03d55&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FOApr6z9SSGqEyeiWlvA9VQ%3Flocation%3Dhttps%253A%252F%252Fut.rktch.com%252Fmatchsbm%253Fbi%253D29%2526bui%253D380a6beb-3f52-486a-84c9-e89696f03d55%26sign%3D3640690295 HTTP 302
https://an.yandex.ru/setud/mts_banner/OApr6z9SSGqEyeiWlvA9VQ?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D380a6beb-3f52-486a-84c9-e89696f03d55&sign=3640690295

Request Chain 82

https://ut.rktch.com/matchbt?bi=27 HTTP 302
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?uid=40df4c19d66c4ca4af4736ed66c5ad599320 HTTP 307
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=40df4c19d66c4ca4af4736ed66c5ad599320

Request Chain 83

https://ut.rktch.com/matchbt?bi=50 HTTP 302
https://api.advarkads.com/api/statistic/match?id=8067-1-1&uid=40df4c19d66c4ca4af4736ed66c5ad599320 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d68f01-0a35-4462-95cc-d29a339d8626

Request Chain 84

https://ut.rktch.com/matchbt?bi=39 HTTP 302
https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D

Request Chain 85

https://dmg.digitaltarget.ru/1/1093/i/i?i=921171576845807.471443073477573&a=77&e=0100007F7A402960F003BC9902ECDC80&pref=https%3A%2F%2Fizzylaif.com%2Fgo.php&c=ss:77.up:0100007F7A402960F003BC9902ECDC80.sync:up.xdua:duxg_YUwDHyCDkVZzy95u8SM.xps:xps7nOFFRvI6NchHwS0Pfevu8.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=921171576845807.471443073477573&a=77&e=0100007F7A402960F003BC9902ECDC80&pref=https%3A%2F%2Fizzylaif.com%2Fgo.php&c=ss:77.up:0100007F7A402960F003BC9902ECDC80.sync:up.xdua:duxg_YUwDHyCDkVZzy95u8SM.xps:xps7nOFFRvI6NchHwS0Pfevu8.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 86

https://dmg.digitaltarget.ru/1/1093/i/i?i=921171576845807.382393169242103&a=77&e=0100007F7A402960F003BC9902ECDC80&pref=https%3A%2F%2Fizzylaif.com%2Fgo.php&c=ss:77.up:0100007F7A402960F003BC9902ECDC80.sync:up.xdua:duxg_YUwDHyCDkVZzy95u8SM.xps:xps7nOFFRvI6NchHwS0Pfevu8.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=921171576845807.382393169242103&a=77&e=0100007F7A402960F003BC9902ECDC80&pref=https%3A%2F%2Fizzylaif.com%2Fgo.php&c=ss:77.up:0100007F7A402960F003BC9902ECDC80.sync:up.xdua:duxg_YUwDHyCDkVZzy95u8SM.xps:xps7nOFFRvI6NchHwS0Pfevu8.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Request Chain 134

https://mc.yandex.ru/watch/15024994?wmode=7&page-url=https%3A%2F%2Fizzylaif.com%2F&page-ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjb%3Afp%3A173%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A624133544944%3Ahid%3A910047378%3Az%3A60%3Ai%3A20210214162409%3Aet%3A1613316249%3Ac%3A1%3Arn%3A288957184%3Au%3A1613316249835218733%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613316248819%3Ads%3A0%2C0%2C104%2C1%2C0%2C0%2C%2C6%2C0%2C%2C%2C%2C117%3Adsn%3A0%2C0%2C104%2C0%2C0%2C0%2C%2C12%2C0%2C%2C%2C%2C117%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613316249%3At%3A%D0%9F%D0%B5%D1%80%D0%B5%D0%BA%D0%BB%D1%8E%D1%87%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%20%D0%AF%D0%B7%D1%8B%D0%BA%D0%B0%20%7C%20Language%20Switcher HTTP 302
https://mc.yandex.ru/watch/15024994/1?wmode=7&page-url=https%3A%2F%2Fizzylaif.com%2F&page-ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjb%3Afp%3A173%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A624133544944%3Ahid%3A910047378%3Az%3A60%3Ai%3A20210214162409%3Aet%3A1613316249%3Ac%3A1%3Arn%3A288957184%3Au%3A1613316249835218733%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613316248819%3Ads%3A0%2C0%2C104%2C1%2C0%2C0%2C%2C6%2C0%2C%2C%2C%2C117%3Adsn%3A0%2C0%2C104%2C0%2C0%2C0%2C%2C12%2C0%2C%2C%2C%2C117%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613316249%3At%3A%D0%9F%D0%B5%D1%80%D0%B5%D0%BA%D0%BB%D1%8E%D1%87%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%20%D0%AF%D0%B7%D1%8B%D0%BA%D0%B0%20%7C%20Language%20Switcher

139 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

go.php Show response
izzylaif.com/
Redirect Chain

https://izzylaif.com/go.php
https://izzylaif.com/go.php

5 KB
2 KB

54ms
54ms

Document
text/html

2606:4700:3033::6815:57d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:57d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93f47b36f9f82fba4c2edfc29f3325a839e76f94e5ab93c2cf7332313a71b26a

Request headers

:method: GET
:authority: izzylaif.com
:scheme: https
:path: /go.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d11df1582df6eba4a4fdcf2386759d23a1613316217; url=https%3A%2F%2Fizzylaif.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:37 GMT
content-type: text/html; charset=UTF-8
set-cookie: url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
refresh: 8; url=https://izzylaif.com
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0842bcf37400004aaa719cd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BmkLQ92YNYCOIw3%2FTdMkC%2B5vM%2Fqvx48rK69F%2BY0CyNSP%2B7Q0F7sBPmAVLqReOojQvausaAnkJlUMzH%2BMKd%2FgULIdiO2zxVfII%2F6qziAB0igp6aEWQDxmXeE%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6217ca98bbc94aaa-FRA
content-encoding: br

Redirect headers

date: Sun, 14 Feb 2021 15:23:37 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d11df1582df6eba4a4fdcf2386759d23a1613316217; expires=Tue, 16-Mar-21 15:23:37 GMT; path=/; domain=.izzylaif.com; HttpOnly; SameSite=Lax; Secure url=https%3A%2F%2Fizzylaif.com; expires=Sun, 14-Feb-2021 16:23:37 GMT; Max-Age=3600; path=/; HttpOnly
location: /go.php
cf-cache-status: DYNAMIC
cf-request-id: 0842bcf34500004aaa3e387000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fFRly74pokKq7vx5kIMMFtMzCol4dPm0haQxh8foYS03jgbyA2vkVNzM%2Fg0zAhrOC3dLALJYuucuYfoV9yokvnddDgXib0%2FJEouaN1Tm64Nj5CE6uHEbM58%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6217ca986b1c4aaa-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 57ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/go.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a3ae6bfa989d3fd7e015d572fcb4bc5c096bbdc9670fd4b7456846199901baa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48421
x-xss-protection: 0
server: cafe
etag: 5055074899333445325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Feb 2021 15:23:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
636 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&display=swap

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/go.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

020845d22d3b3faf4203a9d6791bd61b2b16301c35973eabf39390b30b5aa44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 14 Feb 2021 14:58:14 GMT
server: ESF
date: Sun, 14 Feb 2021 15:23:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Feb 2021 15:23:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
603 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat&display=swap

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/go.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd4637feac159f8b59833e72839ea36cfa44d0def0007e8ef4d3a31a43a8d5d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 14 Feb 2021 15:23:37 GMT
server: ESF
date: Sun, 14 Feb 2021 15:23:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Feb 2021 15:23:37 GMT

GET
H2 200 counter.gif
izzylaif.com/ru/wp-content/uploads/2020/05/ 22 KB
22 KB 12ms
12ms Image
image/gif 2606:4700:3033::6815:57d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://izzylaif.com/ru/wp-content/uploads/2020/05/counter.gif
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:57d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57023a19eac22f0ac9b23a81e5d0235a113151d5bf1c28888aa744f5681ae1ca

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:37 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3661
content-length: 22193
cf-request-id: 0842bcf3af00004aaabca09000000001
last-modified: Fri, 31 Jul 2020 23:43:41 GMT
server: cloudflare
etag: "56b1-5abc55bdd885d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tnnyF3jBdxo%2FBLD6SxefKo%2FKM7XHhdZ2ckWnRZMhkOSVIF5PDuVaZmpwOrvKXutT7AaNz1Mdqe1J96DZq29%2FHbeKxXA53XjRCqU2fj7SX6buKY4%2BOwMORX4%3D"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6217ca991ca44aaa-FRA

GET
H2 200 15883.js Show response
cdn-rtb.sape.ru/rtb-b/js/883/2/ 179 KB
56 KB 259ms
124ms Script
application/javascript 193.232.121.29
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/rtb-b/js/883/2/15883.js

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/go.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.232.121.29 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

Software

nginx /

Resource Hash

146834fcc5c7ca4b5b170f3ca453644b76244958ad84109ddc61063c6411b811

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:37 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 02:55:53 GMT
server: nginx
x-amz-request-id: 1662920214307D5C
etag: W/"6385816b476e96852ed87174a83fe4ad"
x-cache-status: REVALIDATED
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
content-security-policy: block-all-mixed-content
x-xss-protection: 1; mode=block
expires: Sun, 14 Feb 2021 16:23:37 GMT

GET ga.js
www.google-analytics.com/ 0
0

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 118 KB
41 KB 48ms
48ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/go.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0bf91ea7fbb41113300ad53e5a4774576ee21e7de77a091b0913a2fce2df8f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:37 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 20:11:42 GMT
etag: "6026e0fe-a2de"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 41694
expires: Sun, 14 Feb 2021 16:23:37 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v15/ 8 KB
8 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://izzylaif.com
Referer: https://fonts.googleapis.com/css?family=Montserrat&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 12:56:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:59 GMT
server: sffe
age: 268033
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8108
x-xss-protection: 0
expires: Fri, 11 Feb 2022 12:56:24 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://izzylaif.com
Referer: https://fonts.googleapis.com/css?family=Montserrat&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 17:21:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 511335
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Tue, 08 Feb 2022 17:21:22 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUJiYySUhiCXABTV.woff
fonts.gstatic.com/s/oswald/v36/ 7 KB
7 KB 8ms
7ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUJiYySUhiCXABTV.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb975fe56115699466f36c32759624f494b7a72ee3271ae804374b5fad768ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://izzylaif.com
Referer: https://fonts.googleapis.com/css?family=Oswald&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 07:36:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:31:52 GMT
server: sffe
age: 114399
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7148
x-xss-protection: 0
expires: Sun, 13 Feb 2022 07:36:58 GMT

GET
H3-Q050 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v36/ 12 KB
12 KB 7ms
7ms Font
font/woff 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://izzylaif.com
Referer: https://fonts.googleapis.com/css?family=Oswald&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:47:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:33:12 GMT
server: sffe
age: 135390
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12672
x-xss-protection: 0
expires: Sun, 13 Feb 2022 01:47:07 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/ 226 KB
85 KB 72ms
59ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3dd0f99522a8917891c81455399e06fe7f18f2c7e07598478552520240e5bd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86804
x-xss-protection: 0
server: cafe
etag: 5055074899333445325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Feb 2021 15:23:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame A960 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210211/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://izzylaif.com/go.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://izzylaif.com/go.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 14 Feb 2021 05:49:25 GMT
expires: Sun, 28 Feb 2021 05:49:25 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 34452
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

1 Show response
mc.yandex.ru/watch/15024994/
Redirect Chain

https://mc.yandex.ru/watch/15024994?wmode=7&page-url=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afp%3A179%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.ru/watch/15024994/1?wmode=7&page-url=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afp%3A179%3Afu%3A0%3Aen%3Autf-8%3Ala%...

167 B
321 B

52ms
52ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/15024994/1?wmode=7&page-url=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afp%3A179%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A728287809109%3Ahid%3A273178402%3Az%3A60%3Ai%3A20210214162337%3Aet%3A1613316218%3Ac%3A1%3Arn%3A1018438240%3Au%3A16133162181034902306%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613316217642%3Ads%3A0%2C0%2C53%2C1%2C72%2C71%2C1%2C22%2C0%2C%2C%2C%2C151%3Adsn%3A0%2C0%2C54%2C0%2C71%2C71%2C1%2C24%2C0%2C%2C%2C%2C150%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613316218%3At%3ADownload%20Page

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/go.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

2223adc5528eff6eef3f0046096d000238f7f466d842283580d4da32b849eef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:23:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 14-Feb-2021 15:23:38 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://izzylaif.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sun, 14-Feb-2021 15:23:38 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:23:37 GMT
last-modified: Sun, 14-Feb-2021 15:23:37 GMT
location: /watch/15024994/1?wmode=7&page-url=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afp%3A179%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A728287809109%3Ahid%3A273178402%3Az%3A60%3Ai%3A20210214162337%3Aet%3A1613316218%3Ac%3A1%3Arn%3A1018438240%3Au%3A16133162181034902306%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613316217642%3Ads%3A0%2C0%2C53%2C1%2C72%2C71%2C1%2C22%2C0%2C%2C%2C%2C151%3Adsn%3A0%2C0%2C54%2C0%2C71%2C71%2C1%2C24%2C0%2C%2C%2C%2C150%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613316218%3At%3ADownload%20Page
strict-transport-security: max-age=31536000
access-control-allow-origin: https://izzylaif.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 14-Feb-2021 15:23:37 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 48ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/go.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:37 GMT
last-modified: Fri, 12 Feb 2021 20:11:42 GMT
etag: "6026df5a-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 14 Feb 2021 16:23:37 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
642 B 112ms
58ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=izzylaif.com&callback=_gfp_s_&client=ca-pub-3196505394625126

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f27f3edf7ed38e2f653f3a85b03a12e0262409bcfde05b5914b5c006e905eea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 48ms
27ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=izzylaif.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Feb 2021 15:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 47ms
27ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=izzylaif.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Feb 2021 15:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4DF0 11 KB
1 KB 58ms
57ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3196505394625126&output=html&adk=1812271804&adf=3025194257&lmt=1613316217&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fizzylaif.com%2Fgo.php&ea=0&flash=0&pra=5&wgl=1&dt=1613316217853&bpp=12&bdt=81&idt=117&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2643453367151&frm=20&pv=2&ga_vid=372578263.1613316218&ga_sid=1613316218&ga_hid=465261407&ga_fc=0&ga_wpids=UA-28214854-5&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=329793659537166&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=138

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8293f4717c10a964f1b2f8761128620cd3e78448f94e641609537662ad660b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3196505394625126&output=html&adk=1812271804&adf=3025194257&lmt=1613316217&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fizzylaif.com%2Fgo.php&ea=0&flash=0&pra=5&wgl=1&dt=1613316217853&bpp=12&bdt=81&idt=117&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2643453367151&frm=20&pv=2&ga_vid=372578263.1613316218&ga_sid=1613316218&ga_hid=465261407&ga_fc=0&ga_wpids=UA-28214854-5&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=329793659537166&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=138
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://izzylaif.com/go.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://izzylaif.com/go.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 14 Feb 2021 15:23:38 GMT
server: cafe
content-length: 1148
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 14-Feb-2021 15:38:38 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 14 Feb 2021 15:23:38 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960672666234"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28344
x-xss-protection: 0
expires: Sun, 14 Feb 2021 15:23:38 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2FD7 405 B
230 B 244ms
242ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3196505394625126&output=html&h=280&slotname=9228976308&adk=1927957476&adf=777752552&pi=t.ma~as.9228976308&w=336&lmt=1613316217&psa=0&format=336x280&url=https%3A%2F%2Fizzylaif.com%2Fgo.php&flash=0&wgl=1&dt=1613316217865&bpp=3&bdt=94&idt=132&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2643453367151&frm=20&pv=1&ga_vid=372578263.1613316218&ga_sid=1613316218&ga_hid=465261407&ga_fc=0&ga_wpids=UA-28214854-5&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=16&ady=664&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=329793659537166&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Y6rLVsnYwu&p=https%3A//izzylaif.com&dtd=138

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9847670fb20796b03a06dcd38e3c17edb133f51f6d4e09e504db4cd3f9584fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3196505394625126&output=html&h=280&slotname=9228976308&adk=1927957476&adf=777752552&pi=t.ma~as.9228976308&w=336&lmt=1613316217&psa=0&format=336x280&url=https%3A%2F%2Fizzylaif.com%2Fgo.php&flash=0&wgl=1&dt=1613316217865&bpp=3&bdt=94&idt=132&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2643453367151&frm=20&pv=1&ga_vid=372578263.1613316218&ga_sid=1613316218&ga_hid=465261407&ga_fc=0&ga_wpids=UA-28214854-5&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=16&ady=664&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C21068769%2C21068893%2C31060009&oid=3&pvsid=329793659537166&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Y6rLVsnYwu&p=https%3A//izzylaif.com&dtd=138
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://izzylaif.com/go.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://izzylaif.com/go.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 14 Feb 2021 15:23:38 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 14-Feb-2021 15:38:38 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 14 Feb 2021 15:23:38 GMT
cache-control: private

GET
H2 200 aci.js Show response
www.acint.net/ 21 KB
7 KB 85ms
27ms Script
application/x-javascript 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/883/2/15883.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: 8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
content-encoding: gzip
last-modified: Sat, 02 Jan 2021 18:29:13 GMT
server: openresty
etag: "5ff0bb79-1baf"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7087
expires: Mon, 15 Feb 2021 03:23:38 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
528 B 148ms
86ms Script
application/javascript 159.69.74.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_6029407a2_70881445&srtbid=15883&scids=161115187&sx=1600&sy=1200&ref=&u=https%3A%2F%2Fizzylaif.com%2Fgo.php&allimps=1&fl=0&v=2&tz=%2B01%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/883/2/15883.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.7 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290151.sapientru.net
Software: openresty /
Resource Hash: 09e925f0a4e34c7c5985c3f5e4695c680edaa8fcef5ac2cc63e0dca7219fcbf7

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:23:38 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 nv.js Show response
p1.dircont3.com/ 50 KB
9 KB 91ms
27ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://p1.dircont3.com/nv.js

Requested by

Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/883/2/15883.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

7e39d9191134921c335590a3d18039af126d49574f76e98fdf651b348c29eb28

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1ryzh++bv6gQAAA==
date: Sun, 14 Feb 2021 15:23:38 GMT
content-encoding: br
etag: W/"6026a431-c62a"
last-modified: Fri, 12 Feb 2021 15:52:17 GMT
server: CDN77-Turbo
x-77-nzt-ray: y2OBxL602/o=
strict-transport-security: max-age=604800
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 1258
x-77-pop: frankfurtDE
expires: Fri, 26 Feb 2021 15:02:40 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
528 B 98ms
36ms Script
application/javascript 159.69.74.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_6029407a2_69034528&srtbid=95403&scids=93390459&sx=1600&sy=1200&ref=&allimps=0&fl=0&v=2&tz=%2B01%3A00&u=https%3A%2F%2Fizzylaif.com%2Fgo.php
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/883/2/15883.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.7 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290151.sapientru.net
Software: openresty /
Resource Hash: d271094710b763c57648acad0b4fec139eccc6d6efe3b2dff392f79c0f0a63a3

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:23:38 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
340 B 84ms
29ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A15883%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A471%7D&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=1613316218
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
341 B 83ms
28ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=15883.35800.161115187.0.0.86&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=1613316218
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
341 B 83ms
29ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A15883%2C%22sc%22%3A0%2C%22pl%22%3A35800%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=1613316218
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
341 B 83ms
28ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=95403.446640.93390459&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&r=8zzfvv8yq4el
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 71281900 Show response
mc.yandex.ru/watch/ 167 B
198 B 50ms
50ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/71281900?wmode=7&page-url=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&site-info=%7B%22site_id%22%3A15883%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afp%3A179%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A2%3Adp%3A1%3Als%3A1170298404320%3Ahid%3A273178402%3Az%3A60%3Ai%3A20210214162338%3Aet%3A1613316218%3Ac%3A1%3Arn%3A1039869788%3Au%3A16133162181034902306%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613316217642%3Ads%3A0%2C0%2C53%2C1%2C72%2C71%2C1%2C22%2C0%2C%2C%2C%2C151%3Adsn%3A0%2C0%2C54%2C0%2C71%2C71%2C1%2C24%2C0%2C%2C%2C%2C150%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613316218%3At%3ADownload%20Page

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0201d1064850de72374dbf90244a5bfcc7f38d8adfd82dd733255385259ab402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:23:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 14-Feb-2021 15:23:38 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://izzylaif.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sun, 14-Feb-2021 15:23:38 GMT

GET
H2 200 / Show response
www.acint.net/mc/ Frame 21D1 3 KB
4 KB 29ms
28ms Document
text/html 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=14
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: c92d2b76ea3e5eb9bc3b02099fd8bfdc47a92b2a590b1b271c8a932c40fa3a76

Request headers

:method: GET
:authority: www.acint.net
:scheme: https
:path: /mc/?dp=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://izzylaif.com/go.php
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aid=fwAAAWApQHqZvAPwgNzsAmDrd8gmPHA3hA61/St1RuWVmBen
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://izzylaif.com/go.php

Response headers

server: openresty
date: Sun, 14 Feb 2021 15:23:38 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1613316218; expires=Mon, 15-Feb-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1613316218; expires=Sun, 28-Feb-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1613316218; expires=Sun, 28-Feb-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1613316218; expires=Sun, 28-Feb-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

GET
H2 200 /
www.acint.net/hit/ 43 B
224 B 28ms
28ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.3.0&uid=32c2e5e6-86a2-4dcc-9e5d-a32ad81b774d&dp=14&tz=%2B01%3A00&nc=75894421&u=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=&rs=1600x1200&t=Download%20Page&oE=1&oP=1&dT=2021-02-14T16%3A23%3A38.219&fu=006815cd-de9c-48c8-83eb-fbf8cd0d7fbf
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 200
OK / Show response
ps.ntvk1.ru/nv/ 4 KB
4 KB 188ms
66ms XHR
text/plain 95.213.133.115
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://ps.ntvk1.ru/nv/?top_href=https%3A%2F%2Fizzylaif.com%2Fgo.php

Requested by

Host: p1.dircont3.com
URL: https://p1.dircont3.com/nv.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.213.133.115 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.15.7 /

Resource Hash

26d609542fb9d29d7e6a4fceacb14cd7c04ef6634a2661430f61664937cd4632

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 14 Feb 2021 15:23:38 GMT
Access-Control-Request-Method: POST
Server: nginx/1.15.7
Accept-Language: en-US,en;q=0.8
Strict-Transport-Security: max-age=604800
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://izzylaif.com
Accept: */*
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Nativka-Host: ps3.ntvk1.ru
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Key, Cookie, Referer, User-Agent, Host, Connection
Content-Length: 3777
Access-Control-Request-Headers: origin, content-type

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 27ms
26ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=95403.446640.93390459&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&r=87ascf6wqezc
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 21D1
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F7A402960F003BC9902ECDC80
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F7A402960F003BC9902ECDC80&crf=1

68 B
150 B

27ms
27ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F7A402960F003BC9902ECDC80&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007F7A402960F003BC9902ECDC80&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 21D1
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007F7A402960310067190270891C

43 B
269 B

41ms
28ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007F7A402960310067190270891C
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Sun, 14 Feb 2021 15:23:38 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007F7A402960310067190270891C
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 21D1
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F7A402960F003BC9902ECDC80
https://px.adhigh.net/p/cm/sape?u=0100007F7A402960F003BC9902ECDC80&bounced=1
https://acint.net/match?dp=17&euid=7cCoalogoNg.AikABlF3oSP4Rw

43 B
269 B

28ms
27ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=7cCoalogoNg.AikABlF3oSP4Rw
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:23:45 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f11-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=7cCoalogoNg.AikABlF3oSP4Rw
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 21D1 43 B
635 B 154ms
55ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F7A402960F003BC9902ECDC80
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:23:38 GMT
Last-Modified: Sun, 14 Feb 2021 15:23:38 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Sun, 14 Feb 2021 21:23:38 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 21D1
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5324010975
https://www.acint.net/rmatch?dp=45&euid=AyF-8IJEEgFhF7h7qJ5AEcg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F7A402960F003BC9902ECDC80

42 B
201 B

240ms
84ms

Image
image/gif

81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F7A402960F003BC9902ECDC80
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:23:38 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Sun, 14 Feb 2021 15:23:38 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F7A402960F003BC9902ECDC80
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 21D1
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=1c73a3d4-8a36-48cd-9b77-3a3eea34cea1
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj6gKWBBlIEioaQK2IkMWM3M2EzZDQtOGEzNi00OGNkLTliNzctM2EzZWVhMzRjZWEx
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj6gKWBBlIEioaQK2IkMWM3M2EzZDQtOGEzNi00OGNkLTliNzctM2EzZWVhMzRjZWExogEQnMxK1m7YEeum6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABj6gKWBBmIkMWM3M2EzZDQtOGEzNi00OGNkLTliNzctM2EzZWVhMzRjZWExogEQnMxK1m7YEeum6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARj6gKWBBmIkMWM3M2EzZDQtOGEzNi00OGNkLTliNzctM2EzZWVhMzRjZWExogEQnMxK1m7YEeum6QAlkMgkNw**

43 B
552 B

27ms
27ms

Image
image/gif

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARj6gKWBBmIkMWM3M2EzZDQtOGEzNi00OGNkLTliNzctM2EzZWVhMzRjZWExogEQnMxK1m7YEeum6QAlkMgkNw**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:23:38 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Sun, 14 Feb 2021 15:23:38 GMT
Server: nginx
ETag: 9ccc4ad6-6ed8-11eb-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARj6gKWBBmIkMWM3M2EzZDQtOGEzNi00OGNkLTliNzctM2EzZWVhMzRjZWExogEQnMxK1m7YEeum6QAlkMgkNw**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm.hybrid.ai/ Frame 21D1 0
238 B 497ms
97ms Image
text/plain 37.18.16.23
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=106&vid=0100007F7A402960F003BC9902ECDC80

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:23:38 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 114
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 21D1 3 KB
3 KB 591ms
433ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:23:38 GMT
Last-Modified: Thu, 28 Jan 2021 10:50:38 GMT
Server: nginx
ETag: "601296fe-c11"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3089

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 21D1 0
69 B 92ms
28ms Image
text/plain 195.201.106.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F7A402960F003BC9902ECDC80
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.106.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.106.201.195.clients.your-server.de
Software: nginx/1.15.9 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 14 Feb 2021 15:23:38 GMT
server: nginx/1.15.9

GET
H2

200

match
www.acint.net/ Frame 21D1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf3pAKWDwA7yZAuzcgA
https://www.acint.net/match?dp=77&euid=

43 B
269 B

27ms
27ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:23:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 21D1
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F7A402960F003BC9902ECDC80
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F7A402960F003BC9902ECDC80

43 B
115 B

72ms
24ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F7A402960F003BC9902ECDC80
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Wjelsryp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Sun, 14 Feb 2021 15:23:38 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F7A402960F003BC9902ECDC80
date: Sun, 14 Feb 2021 15:23:15 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 21D1 42 B
201 B 561ms
303ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F7A402960F003BC9902ECDC80
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:23:38 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sprcs
relap.io/partners/ Frame 21D1 43 B
1 KB 449ms
321ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/sprcs?uid=0100007F7A402960F003BC9902ECDC80

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Feb 2021 15:23:38 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=5184000; includeSubdomains;
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame 21D1
Redirect Chain

https://adx.com.ru/sape-sync?uid=0100007F7A402960F003BC9902ECDC80
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F7A402960F003BC9902ECDC80
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=6029407aa897d84d6924a236&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D6029407aa897d84d6924a236%2526d...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D6029407aa897d84d6924a236%2526d...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DYABBI%26id%3D6029407aa897d84d6924a236%26dest%3D&webouid=XKX6P8P.988CRnciw2/rD.
https://x01.aidata.io/0.gif?pid=YABBI&id=6029407aa897d84d6924a236&dest=
https://x01.aidata.io/0.gif?pid=YABBI&id=6029407aa897d84d6924a236&dest=&bounce=1

0
584 B

159ms
78ms

Image
text/plain

89.108.119.43
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=YABBI&id=6029407aa897d84d6924a236&dest=&bounce=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51370.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Feb 2021 15:23:38 GMT
Last-Modified: Sun, 14 Feb 2021 15:23:37 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Sun, 14 Feb 2021 15:23:37 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 14 Feb 2021 15:23:38 GMT
Last-Modified: Sun, 14 Feb 2021 15:23:37 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: https://x01.aidata.io/0.gif?pid=YABBI&id=6029407aa897d84d6924a236&dest=&bounce=1
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 0
Expires: Sun, 14 Feb 2021 15:23:37 GMT

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 21D1
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7A402960F003BC9902ECDC80
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7A402960F003BC9902ECDC80&cs=1

35 B
376 B

28ms
27ms

Image
image/gif

88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7A402960F003BC9902ECDC80&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7A402960F003BC9902ECDC80&cs=1
date: Sun, 14 Feb 2021 15:23:38 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 21D1
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=HCUbWvJdOMow

43 B
269 B

27ms
27ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=HCUbWvJdOMow
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=HCUbWvJdOMow
Date: Sun, 14 Feb 2021 15:23:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 21D1
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=f9b5df77-095c-522d-89e2-6fcfe9cb2fb5

43 B
269 B

27ms
26ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=f9b5df77-095c-522d-89e2-6fcfe9cb2fb5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=f9b5df77-095c-522d-89e2-6fcfe9cb2fb5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 p
0100007f7a402960f003bc9902ecdc80-sp.ops.beeline.ru/ Frame 21D1 35 B
628 B 264ms
70ms Image
image/gif 37.9.245.57
BEE-AS Russia

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0100007f7a402960f003bc9902ecdc80-sp.ops.beeline.ru/p?ssp=sp&id=0100007F7A402960F003BC9902ECDC80
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
x-route: http://upstream_cookiesync
server: nginx
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.36
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content matchspm
ut.rktch.com/ Frame 21D1 0
440 B 208ms
67ms Image
text/plain 176.99.5.102
LOGOL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F7A402960F003BC9902ECDC80
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.102 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d41228.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:23:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.14.2
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS

GET
H2

404

OApr6z9SSGqEyeiWlvA9VQ
an.yandex.ru/setud/mts_banner/ Frame 21D1
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F7A402960F003BC9902ECDC80
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D380a6beb-3f52-486a-84c9-e89696f03d55&ssp=sape&exu=0100007F7A402960F003BC9902ECDC80
https://tech.rtb.mts.ru/?dsp_uid=380a6beb-3f52-486a-84c9-e89696f03d55&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FOApr6z9SSGqEyeiWlvA9VQ%3Flocation%3Dhttps%253A%252F%252Fwww.acint....
https://an.yandex.ru/setud/mts_banner/OApr6z9SSGqEyeiWlvA9VQ?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D380a6beb-3f52-486a-84c9-e89696f03d55&sign=3681656732

43 B
290 B

69ms
68ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/setud/mts_banner/OApr6z9SSGqEyeiWlvA9VQ?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D380a6beb-3f52-486a-84c9-e89696f03d55&sign=3681656732
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:23:40 GMT
last-modified: Sun, 14 Feb 2021 15:23:40 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=windows-1251
content-length: 43
expires: Sun, 14 Feb 2021 15:23:40 GMT

Redirect headers

Date: Sun, 14 Feb 2021 15:23:40 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/OApr6z9SSGqEyeiWlvA9VQ?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D380a6beb-3f52-486a-84c9-e89696f03d55&sign=3681656732
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame 21D1
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=dc62a8d4-5181-4341-7845-e8696cd48777

43 B
269 B

27ms
26ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=dc62a8d4-5181-4341-7845-e8696cd48777
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=dc62a8d4-5181-4341-7845-e8696cd48777
date: Sun, 14 Feb 2021 15:23:38 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 21D1
Redirect Chain

https://s.uuidksinc.net/match/396/0100007F7A402960F003BC9902ECDC80
https://www.acint.net/match?dp=127&euid=ysCvyPnUZfLMwYirFSW1

43 B
269 B

27ms
27ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=ysCvyPnUZfLMwYirFSW1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Sun, 14 Feb 2021 15:23:38 GMT
server: nginx/1.19.0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
location: https://www.acint.net/match?dp=127&euid=ysCvyPnUZfLMwYirFSW1
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 21D1 0
215 B 212ms
67ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F7A402960F003BC9902ECDC80
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 Feb 2021 15:23:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007F7A402960F003BC9902ECDC80
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 21D1 0
172 B 202ms
65ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F7A402960F003BC9902ECDC80
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame 21D1
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F7A402960F003BC9902ECDC80
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F7A402960F003BC9902ECDC80&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
584 B

72ms
71ms

Image
text/plain

89.108.119.43
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51370.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Feb 2021 15:23:39 GMT
Last-Modified: Sun, 14 Feb 2021 15:23:38 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Sun, 14 Feb 2021 15:23:38 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Sun, 14 Feb 2021 15:23:39 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 242
Strict-Transport-Security: max-age=86400
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 frame.html Show response
s3.advarkads.com/modules/match/ Frame 717E 187 B
547 B 110ms
90ms Document
text/html 2606:4700:10::6816:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F7A402960F003BC9902ECDC80
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

:method: GET
:authority: s3.advarkads.com
:scheme: https
:path: /modules/match/frame.html?id=8113-1-1&uid=0100007F7A402960F003BC9902ECDC80
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.acint.net/mc/?dp=14
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.acint.net/mc/?dp=14

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
content-type: text/html
set-cookie: __cfduid=d133f12188be0e35aee4596f0cdc5d5381613316218; expires=Tue, 16-Mar-21 15:23:38 GMT; path=/; domain=.advarkads.com; HttpOnly; SameSite=Lax
cache-control: max-age=60
last-modified: Sat, 25 Apr 2020 07:44:34 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 0842bcf5ad0000dff732adb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6217ca9c4ab7dff7-FRA
content-encoding: gzip

GET
H2 200 header-bidding.js Show response
yastatic.net/pcode/adfox/ 162 KB
37 KB 164ms
80ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/header-bidding.js

Requested by

Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/883/2/15883.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

63e46f944672d9c3dd90e1c110b18664d66e1b35b15861ac0f29efda91453157

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 37049
last-modified: Wed, 10 Feb 2021 13:22:43 GMT
server: nginx/1.17.9
etag: "01fbc12ecc9a5b37403bf7ea394e76c1"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Feb 2021 16:19:56 GMT

GET
H2 200 loader.js Show response
yastatic.net/pcode/adfox/ 180 KB
41 KB 166ms
81ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/loader.js

Requested by

Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/883/2/15883.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

35d8a7f8b8931366f373641fb07fb19caaa7c291b3e83e5d2bd9ed19361ee5c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://izzylaif.com
Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 41730
last-modified: Wed, 10 Feb 2021 13:22:43 GMT
server: nginx/1.17.9
etag: "6959c888bcbab35a55888881b24e2c48"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Feb 2021 16:20:03 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 28ms
27ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=15883.35800.161115187.0.0.86&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=1613316218
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
DATA 200
OK truncated
/ 612 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74dcd398eafd7dbc3d07b76625839f63f464de97b26adca97ac30883cf79b0d9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 28ms
27ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=86&id=15883.35800.162285508.0.1.95&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=1613316218
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 28ms
27ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A15883%2C%22sc%22%3A0%2C%22pl%22%3A35800%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=1613316218
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 frame.js Show response
s3.advarkads.com/modules/match/ Frame 717E 20 KB
7 KB 12ms
12ms Script
application/javascript 2606:4700:10::6816:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F7A402960F003BC9902ECDC80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e0e878a41cbf1c2aa09176ad0afe985d53fa958f7b191e8bba15089f6c29c7b

Request headers

Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F7A402960F003BC9902ECDC80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 32
content-length: 6561
cf-request-id: 0842bcf60b0000dff767295000000001
last-modified: Tue, 19 Jan 2021 09:46:36 GMT
server: cloudflare
etag: "06618fa47eed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6217ca9cdb83dff7-FRA

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 717E
Redirect Chain

https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F7A402960F003BC9902ECDC80
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d68f01-aada-44a8-a280-06f8472bdbbb
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d68f01-aada-44a8-a280-06f8472bdbbb&cs=1

35 B
376 B

28ms
28ms

Image
image/gif

88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d68f01-aada-44a8-a280-06f8472bdbbb&cs=1
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F7A402960F003BC9902ECDC80
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F7A402960F003BC9902ECDC80
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:24:00 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d68f01-aada-44a8-a280-06f8472bdbbb&cs=1
date: Sun, 14 Feb 2021 15:24:00 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

POST
H/1.1 200
OK auction Show response
pbs.alfasense.com/yandex/ 2 B
246 B 523ms
84ms XHR
application/json 23.111.100.228
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.alfasense.com/yandex/auction
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.100.228 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://izzylaif.com
Date: Sun, 14 Feb 2021 15:23:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

OPTIONS
H2 200 getcookie
matchid.adfox.yandex.ru/ Frame 0
0 142ms
46ms Other 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Protocol

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://izzylaif.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
access-control-allow-headers: accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-credentials: true
date: Sun, 14 Feb 2021 15:23:38 GMT
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://izzylaif.com
x-content-type-options: nosniff

POST
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 248 B
434 B 151ms
55ms XHR
application/json 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

5a7b1fe1646b3d72d0de487f88d9ce6d2fb30069e838c0169e234ac73f765dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://izzylaif.com
date: Sun, 14 Feb 2021 15:23:38 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 248
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 banners.js Show response
yastatic.net/pcode-bundles/0.1.3033/ 116 KB
28 KB 52ms
51ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1.3033/banners.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e67c43ebe2ee808b1fa8c5281fa07ee36bcad76632db7890e054f8e91eb13ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://izzylaif.com
Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 27645
last-modified: Wed, 10 Feb 2021 12:08:32 GMT
server: nginx/1.17.9
etag: "8491a46b0f504cc1e25dc41a76ba8d70"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Feb 2051 21:56:07 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 125 KB
35 KB 200ms
112ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

25a66d031462f15f08014af7627a96382a54ce471ece928fd0bd4b699e901789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Feb 2021 15:23:38 GMT
content-encoding: br
server: nginx/1.12.2
etag: 253797119
x-yandex-req-id: 1613316218648774-762371970562435124800107-production-app-host-man-pcode-14
strict-transport-security: max-age=31536000
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 14 Feb 2021 16:23:38 GMT

GET
H2 200 29035856a8d1f7b8a25b.js Show response
yastatic.net/partner-code-bundles/13849/ 12 KB
5 KB 43ms
42ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/13849/29035856a8d1f7b8a25b.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b2182afbbf351369e6059cbc7906439bdea995b9823f18fed49080d26c13d610

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://izzylaif.com
Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4196
last-modified: Thu, 11 Feb 2021 22:23:20 GMT
server: nginx/1.17.9
etag: "6eaf334b25b2adf7eb57439902572f1c"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Feb 2051 21:59:06 GMT

GET
H2 200 d7b4fb4c215139f4fb2a.js Show response
yastatic.net/partner-code-bundles/13849/ 398 KB
85 KB 54ms
54ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/13849/d7b4fb4c215139f4fb2a.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b70d01f27bdd33d7b7f07b1cd626a8eba39997df7fd36ffc6ac60616197e1cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://izzylaif.com
Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 86875
last-modified: Thu, 11 Feb 2021 22:23:20 GMT
server: nginx/1.17.9
etag: "5f0e0bca06270c93dd632ce315df2cb7"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Feb 2051 21:59:05 GMT

GET
H2 200 24c9fc605c1a6f96bad9.js Show response
yastatic.net/partner-code-bundles/13849/ 281 KB
49 KB 111ms
111ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/13849/24c9fc605c1a6f96bad9.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f2e1f4095c30b565126b0291b04b69429e245f568e1ab4e15604e70f41fd8b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://izzylaif.com
Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:38 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 49720
last-modified: Thu, 11 Feb 2021 22:23:20 GMT
server: nginx/1.17.9
etag: "49345203747068796832b87fe3afe495"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Feb 2051 21:59:19 GMT

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 21D1 15 KB
16 KB 144ms
143ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=248990517237977
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5a49726bf861ad2dbeed14284fc73e953d2e0c8760d79741829116fada42ff75

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:23:38 GMT
Last-Modified: Thu, 28 Jan 2021 10:50:38 GMT
Server: nginx
ETag: "601296fe-3da0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15776

GET
H/1.1 200
OK / Show response
ps5.ntvk1.ru/ 102 B
431 B 238ms
86ms XHR
application/json 194.176.118.216
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ps5.ntvk1.ru/?r=tyutkbmzvo
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.176.118.216 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d40666.acod.regrucolo.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2d06e396ae3e665587c28f5ab65944261d284a6d4597f89f741c12ed8354bd5d

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:23:39 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://izzylaif.com
Access-Control-Expose-Headers: Content-Length,Date,Server
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 102

GET
H/1.1

204
No Content

matchspm
ut.rktch.com/
Redirect Chain

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}
https://ut.rktch.com/matchspm?pi=1000006&pui=XKX6P8P.988CRnciw2/rD.

0
287 B

243ms
63ms

Image
text/plain

176.99.5.102
LOGOL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=XKX6P8P.988CRnciw2/rD.
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.102 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d41228.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:23:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.14.2
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS

Redirect headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:23:38 GMT
via: 1.1 google
last-modified: Sun, 14 Feb 2021 15:23:38 GMT
server: nginx/1.12.0
location: https://ut.rktch.com/matchspm?pi=1000006&pui=XKX6P8P.988CRnciw2/rD.
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 204
No Content matchspm
ut.rktch.com/ 0
287 B 70ms
69ms Image
text/plain 176.99.5.102
LOGOL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=2&pui=7c144efd67174fc8a6e948d3f66fd4cf
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.102 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d41228.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:23:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.14.2
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS

GET
H2

404

OApr6z9SSGqEyeiWlvA9VQ
an.yandex.ru/setud/mts_banner/
Redirect Chain

https://ut.rktch.com/matchbt?bi=29
https://sm.rtb.mts.ru/p?ssp=natimatica&id=40df4c19d66c4ca4af4736ed66c5ad599320
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D380a6beb-3f52-486a-84c9-e89696f03d55&ssp=natimatica&exu=40df4c19d66c4ca4af4736ed66c5ad599320
https://tech.rtb.mts.ru/?dsp_uid=380a6beb-3f52-486a-84c9-e89696f03d55&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FOApr6z9SSGqEyeiWlvA9VQ%3Flocation%3Dhttps%253A%252F%252Fut.rktch.c...
https://an.yandex.ru/setud/mts_banner/OApr6z9SSGqEyeiWlvA9VQ?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D380a6beb-3f52-486a-84c9-e89696f03d55&sign=3640690295

43 B
290 B

65ms
65ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/setud/mts_banner/OApr6z9SSGqEyeiWlvA9VQ?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D380a6beb-3f52-486a-84c9-e89696f03d55&sign=3640690295
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:23:40 GMT
last-modified: Sun, 14 Feb 2021 15:23:40 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=windows-1251
content-length: 43
expires: Sun, 14 Feb 2021 15:23:40 GMT

Redirect headers

Date: Sun, 14 Feb 2021 15:23:40 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/OApr6z9SSGqEyeiWlvA9VQ?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D380a6beb-3f52-486a-84c9-e89696f03d55&sign=3640690295
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

natimatica
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain

https://ut.rktch.com/matchbt?bi=27
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?uid=40df4c19d66c4ca4af4736ed66c5ad599320
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=40df4c19d66c4ca4af4736ed66c5ad599320

43 B
130 B

29ms
28ms

Image
image/gif

144.76.118.200
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=40df4c19d66c4ca4af4736ed66c5ad599320
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.118.200 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.200.118.76.144.clients.your-server.de
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

Redirect headers

location: /cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=40df4c19d66c4ca4af4736ed66c5ad599320
date: Sun, 14 Feb 2021 15:23:39 GMT
server: nginx
etag: W/"4661abd5374d0c95593e50788565270d7d42c00c7907407f260f9caefba680c3"
content-length: 129
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

pixel.gif
sync.1dmp.io/
Redirect Chain

https://ut.rktch.com/matchbt?bi=50
https://api.advarkads.com/api/statistic/match?id=8067-1-1&uid=40df4c19d66c4ca4af4736ed66c5ad599320
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d68f01-0a35-4462-95cc-d29a339d8626

35 B
376 B

27ms
27ms

Image
image/gif

88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d68f01-0a35-4462-95cc-d29a339d8626
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:24:00 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 14 Feb 2021 15:24:00 GMT
Server: nginx/1.18.0
X-Powered-By: ASP.NET
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d68f01-0a35-4462-95cc-d29a339d8626
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: -1

GET
H2

200

uuid
rtb.beroll.ru/
Redirect Chain

https://ut.rktch.com/matchbt?bi=39
https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D

0
86 B

242ms
93ms

Image
text/plain

82.202.224.34
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.224.34 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
server: nginx/1.14.0
content-length: 0
content-type: application/octet-stream, text/plain

Redirect headers

Date: Sun, 14 Feb 2021 15:23:39 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
location: https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 21D1
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=921171576845807.471443073477573&a=77&e=0100007F7A402960F003BC9902ECDC80&pref=https%3A%2F%2Fizzylaif.com%2Fgo.php&c=ss:77.up:0100007F7A402960F003BC9902ECDC8...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=921171576845807.471443073477573&a=77&e=0100007F7A402960F003BC9902ECDC80&pref=https%3A%2F%2Fizzylaif.com%2Fgo.php&c=ss:77.up:010000...

49 B
602 B

138ms
70ms

Image
image/gif

185.15.175.133
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=921171576845807.471443073477573&a=77&e=0100007F7A402960F003BC9902ECDC80&pref=https%3A%2F%2Fizzylaif.com%2Fgo.php&c=ss:77.up:0100007F7A402960F003BC9902ECDC80.sync:up.xdua:duxg_YUwDHyCDkVZzy95u8SM.xps:xps7nOFFRvI6NchHwS0Pfevu8.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.133 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:23:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 5
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Sun, 14 Feb 2021 15:23:39 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=921171576845807.471443073477573&a=77&e=0100007F7A402960F003BC9902ECDC80&pref=https%3A%2F%2Fizzylaif.com%2Fgo.php&c=ss:77.up:0100007F7A402960F003BC9902ECDC80.sync:up.xdua:duxg_YUwDHyCDkVZzy95u8SM.xps:xps7nOFFRvI6NchHwS0Pfevu8.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 1
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 21D1
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=921171576845807.382393169242103&a=77&e=0100007F7A402960F003BC9902ECDC80&pref=https%3A%2F%2Fizzylaif.com%2Fgo.php&c=ss:77.up:0100007F7A402960F003BC9902ECDC8...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=921171576845807.382393169242103&a=77&e=0100007F7A402960F003BC9902ECDC80&pref=https%3A%2F%2Fizzylaif.com%2Fgo.php&c=ss:77.up:010000...

49 B
602 B

133ms
70ms

Image
image/gif

185.15.175.133
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=921171576845807.382393169242103&a=77&e=0100007F7A402960F003BC9902ECDC80&pref=https%3A%2F%2Fizzylaif.com%2Fgo.php&c=ss:77.up:0100007F7A402960F003BC9902ECDC80.sync:up.xdua:duxg_YUwDHyCDkVZzy95u8SM.xps:xps7nOFFRvI6NchHwS0Pfevu8.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.133 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:23:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 3
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Sun, 14 Feb 2021 15:23:39 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=921171576845807.382393169242103&a=77&e=0100007F7A402960F003BC9902ECDC80&pref=https%3A%2F%2Fizzylaif.com%2Fgo.php&c=ss:77.up:0100007F7A402960F003BC9902ECDC80.sync:up.xdua:duxg_YUwDHyCDkVZzy95u8SM.xps:xps7nOFFRvI6NchHwS0Pfevu8.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2 200 v2 Show response
an.yandex.ru/adfox/370085/getBulk/ 170 B
499 B 216ms
215ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/370085/getBulk/v2?dl=https%3A%2F%2Fizzylaif.com%2Fgo.php&date=2021-02-14T16%3A23%3A39.031%2B01%3A00&pd=14&pdh=1200&pdw=1600&pr1=616752206&pr=3303844345&prr=&pv=16&pw=0&extid_loader=MTYxMzMxNjIxODEwMzQ5MDIzMDY%3D&extid_tag_loader=izzylaif.com&ylv=0.3034&ybv=0.3033&ytt=541509503420437&is-turbo=0&skip-token=&ad-session-id=7959571613316219037&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22quirks%22%3Atrue%2C%22w%22%3A240%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A400%2C%22left%22%3A1359%2C%22top%22%3A799%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=yzaf4KYvPR9tnEe-zhY0gkzYj4_qAyIT87FWLhznY4OmMLPstPSsmIHx8C3M6tNATzJPiOaII2TUzphsFFcwT1CGIYA3bVqipI2TUnDJM5LPLQA30HYLrfeYqNrEaU7e01U20bspKkBfyOkGa1e5pKnfoQU5g3M1yBDVCovavMmEkExi4RFshR4s439d5OCR&matchid-cookies-sign=biZYx4JYVSc-CqHB8e8IDg%3D%3D&pp=biul&ps=erjx&p2=hbcl&partner-stat-id=162285508&slotNumber=1&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjEzNzUxODgsInJlc3BvbnNlX3RpbWUiOjU0MywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6InNhcGVfMzU4MDAifV0%3D&grab=dERvd25sb2FkIFBhZ2UKMdCh0LrQsNGH0LDRgtGMIHwgRG93bmxvYWQgCjLQldGB0LvQuCDQt9Cw0LPRgNGD0LfQutCwINC90LUg0L3QsNGH0LDQu9Cw0YHRjCwg0L3QsNC20LzQuNGC0LUg0YHRjtC00LAgCjJJZiBkb3dubG9hZCBoYXMgbm90IHN0YXJ0ZWQgeWV0LCBjbGljayBoZXJlIAo%3D&utf8=%E2%9C%93&duid=MTYxMzMxNjIxODEwMzQ5MDIzMDY%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

fb614b5308a1d217e5b5eb67799f891eaa164eb0f4f9f90008a52b8e3e49bb13

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:23:39 GMT
content-encoding: gzip
last-modified: Sun, 14 Feb 2021 15:23:39 GMT
server: nginx/1.12.2
timing-allow-origin: *
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://izzylaif.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json
x-xss-protection: 1; mode=block
expires: Sun, 14 Feb 2021 15:23:39 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/15024994/ 43 B
73 B 58ms
58ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/15024994/1?page-url=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A1%3Als%3A728287809109%3Ahid%3A273178402%3Az%3A60%3Ai%3A20210214162339%3Aet%3A1613316219%3Ac%3A1%3Arn%3A86255102%3Au%3A16133162181034902306%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613316217642%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613316219

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:23:39 GMT
last-modified: Sun, 14-Feb-2021 15:23:39 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://izzylaif.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 14-Feb-2021 15:23:39 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/71281900/ 43 B
145 B 51ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/71281900/1?page-url=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A2%3Adp%3A1%3Als%3A1170298404320%3Ahid%3A273178402%3Az%3A60%3Ai%3A20210214162339%3Aet%3A1613316219%3Ac%3A1%3Arn%3A336772296%3Au%3A16133162181034902306%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613316217642%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613316219

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:23:39 GMT
last-modified: Sun, 14-Feb-2021 15:23:39 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://izzylaif.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 14-Feb-2021 15:23:39 GMT

GET
H2 200 app.js Show response
cloudfastads.ru/ 90 KB
25 KB 43ms
16ms Script
application/javascript 2606:4700:3030::6815:526e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudfastads.ru/app.js

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/go.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfcaa723a9ceaa4a6c48114b98379d9dbd86dd4f8bd2472df9307394f6f2c9a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 440989
cf-polished: origSize=91896
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0842bcf99d00004ac842172000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 12:53:40 GMT
server: cloudflare
etag: W/"6006d654-166f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x%2Bn9IfRi5kbLxWugvy%2BMtlOhtjAt%2BvK6H0nJ1quwnvWotxhs74BEBdRNkQlRzJj%2F3hjNuuuH2zobkdCk%2FRCrt2n2ziF9aI4t3ZXBA%2F9Fknx8oE0Xa3wWCB5bm8w%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
cf-bgj: minify
x-xss-protection: 1; mode=block
cache-control: max-age=604800
cf-ray: 6217caa29a524ac8-FRA
expires: Tue, 16 Feb 2021 12:53:50 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 28ms
27ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=86&id=15883.35800.162285508.0.1.95&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=1613316219
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 28ms
28ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=80&id=15883.35800.161115190.0.4.61&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=1613316219
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 teasers Show response
cloudfastads.ru/data/ 15 KB
4 KB 121ms
121ms Fetch
application/json 2606:4700:3030::6815:526e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudfastads.ru/data/teasers

Requested by

Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32fceabe4bb6e7f5fc55d41822b1abb34a412831a496eeaff2bf6999cd13819d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-xss-protection: 1; mode=block
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0842bcf9c500004ac8099bc000000001
referrer-policy: no-referrer-when-downgrade
server: cloudflare
etag: W/"3d40-jOuw2NjP8e7aBY42CaJvnN36dkc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0MrBGsRSCafj7K%2Bq6bEhqfUT1nB%2B3KhUwbMGT6CjCjVxgXag8mP0SeiHjTqn0IYk3njcFPXAoPyq7X4sFjwdl0sL4kb%2B94WQ1nU%2Blaxv81EJYZwVkWMjNo7ap1U%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://izzylaif.com
vary: Accept-Encoding, Origin
cache-control: private, max-age=60, stale-while-revalidate=84000
access-control-allow-credentials: true
cf-ray: 6217caa2dad44ac8-FRA
expires: Sun Feb 14 2021 18:21:04 GMT+0300

GET
H2 200 5d67b88f5b42dd1803ea7201 Show response
cloudfastads.ru/data/iframe/29058/desktop/ Frame 54FF 4 KB
2 KB 43ms
42ms Document
text/html 2606:4700:3030::6815:526e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudfastads.ru/data/iframe/29058/desktop/5d67b88f5b42dd1803ea7201

Requested by

Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5df26de99e17cd17363975e53f4ca8b42c3bc263b602e419f6354ac734aa4f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cloudfastads.ru
:scheme: https
:path: /data/iframe/29058/desktop/5d67b88f5b42dd1803ea7201
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://izzylaif.com/go.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://izzylaif.com/go.php

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d67544e011633cbb4fc06601b6e23eaa91613316219; expires=Tue, 16-Mar-21 15:23:39 GMT; path=/; domain=.cloudfastads.ru; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding Origin
access-control-allow-credentials: true
expires: Sun Feb 14 2021 18:12:01 GMT+0300
cache-control: private, max-age=60, stale-while-revalidate=84000
link: </css/inner.css>; rel=preload; as=style; crossorigin, </inner.js>; rel=preload; as=script; crossorigin;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-request-id: 0842bcf9cb00004ac81e3c9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dViOmQwsNHXVKfVZF2M5XAfVVqRBqE2eF5fQ%2F8m8iLeBTtB0kfeLeIz1DKCywvRsYq2IetrPAjJV7%2FHRkAQwFPKriI%2F9kp6c3%2B4uAcx23f1Eq2moSPBZueXmJ8M%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6217caa2dae64ac8-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed: </css/inner.css>,</inner.js>

POST
H2 200 insert Show response
cloudfastads.ru/statistics/iframe/ 335 B
627 B 33ms
33ms Fetch
application/json 2606:4700:3030::6815:526e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudfastads.ru/statistics/iframe/insert

Requested by

Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200b0d3bab368c51516ae5951fdfbd402efc9304a514ef8d3ac04b380c89922a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-xss-protection: 1; mode=block
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0842bcf9cb00004ac80c89c000000001
referrer-policy: no-referrer-when-downgrade
server: cloudflare
etag: W/"14f-yABqV/OHx5ZMfeDDJtjacptr4ck"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uJi0NF9JsP4b0Y9My2Vsve%2BRN4PZyl4eX0rkoi2JQk7UdiwdyWSA%2BJ4U9nAOqSfoTM5M%2Bna%2FZFRhgasCTQuY%2BnC2%2FCcs2r%2Bw1ThNjjdeF7gp5VNxh1ICtksrvrE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://izzylaif.com
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
cf-ray: 6217caa2dae54ac8-FRA

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
64 KB 49ms
48ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6a83f8baa9d1ed00994bae27f6a6d2990283f253536e11d46320fef8faaf40dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 20:11:42 GMT
etag: "6026df5a-ffaa"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65450
expires: Sun, 14 Feb 2021 16:23:39 GMT

POST
H2 200 firstvisible Show response
cloudfastads.ru/statistics/iframe/ 335 B
536 B 48ms
47ms Fetch
application/json 2606:4700:3030::6815:526e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudfastads.ru/statistics/iframe/firstvisible

Requested by

Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9279700a728e5392a7bf979da8b7b8ab7fa4a1e1e23ca8be7f3d9069daa75d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-xss-protection: 1; mode=block
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0842bcf9cc00004ac82cb98000000001
referrer-policy: no-referrer-when-downgrade
server: cloudflare
etag: W/"14f-7HQRvxfa+4d9nRWPMLXlzKhZk1M"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=986h1P39EwrlBCJZMUkuMl6EMOn%2Frwc6HEhP2G4u1e0zKpJWo9K6WSktbxWoV4vLatfl4RV4fh8wNw1w0P5R0rk%2B2d0DFwmB21lIxZda%2BHV5rHROYbKIKIyTPrE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://izzylaif.com
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
cf-ray: 6217caa2daec4ac8-FRA

POST
H2 200 visible Show response
cloudfastads.ru/statistics/iframe/ 335 B
544 B 32ms
32ms Fetch
application/json 2606:4700:3030::6815:526e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudfastads.ru/statistics/iframe/visible

Requested by

Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9279700a728e5392a7bf979da8b7b8ab7fa4a1e1e23ca8be7f3d9069daa75d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-xss-protection: 1; mode=block
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0842bcf9cc00004ac81eb4a000000001
referrer-policy: no-referrer-when-downgrade
server: cloudflare
etag: W/"14f-7HQRvxfa+4d9nRWPMLXlzKhZk1M"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=azy0XLOG7OVWSbokJoPT2lwI60H4mjraLqgujfpnqlGcODGXZHKzHYT7yMNw1J15p7y0anM%2Fyx0umOKL7K2kLANo4rE6%2BtMwyWXsZ83O5I7MAp8gEmWZDpj9UNM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://izzylaif.com
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
cf-ray: 6217caa2eaee4ac8-FRA

GET
H2 200 2
www.acint.net/pxl/ 43 B
224 B 29ms
28ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/2?dp=80&id=15883.35800.161115190.0.4.61&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=1613316219
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 282ms
282ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A15883%2C%22sc%22%3A0%2C%22pl%22%3A35800%2C%22ev%22%3A%22ad%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=1613316219
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 inner.css
cloudfastads.ru/css/ Frame 54FF 50 KB
15 KB 2ms
0ms Stylesheet
text/css 2606:4700:3030::6815:526e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudfastads.ru/css/inner.css

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/go.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c3858c45fe747575480c8fa1d0769d9bf4a3f277b5609a9b4e2d3aa0c79e682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://cloudfastads.ru
Referer: https://cloudfastads.ru/data/iframe/29058/desktop/5d67b88f5b42dd1803ea7201
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 440989
cf-polished: origSize=51771
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0842bcf9ef00004ac836826000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 12:53:40 GMT
server: cloudflare
etag: W/"6006d654-ca3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R%2ByUGKoUoqIAgpj7CC9ptqazPiQrHAO9b8lsH13ZhvDvWeP3L5ndse1qesommgUCkxHr3vzKcBHRsVGSVz24wc%2FVdiHEY94iG43tDXmGLzLtKMuegJcN2FqmmK8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cf-bgj: minify
x-xss-protection: 1; mode=block
cache-control: max-age=604800
cf-ray: 6217caa31b514ac8-FRA
expires: Tue, 16 Feb 2021 12:53:50 GMT

GET
H2 200 inner.js Show response
cloudfastads.ru/ Frame 54FF 159 KB
49 KB 8ms
0ms Script
application/javascript 2606:4700:3030::6815:526e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudfastads.ru/inner.js

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/go.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b71c3ce6db57de1fcc2a3f5dd7b61e2941db77071698e832b825b902cbaebadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://cloudfastads.ru
Referer: https://cloudfastads.ru/data/iframe/29058/desktop/5d67b88f5b42dd1803ea7201
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 496916
cf-polished: origSize=162961
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0842bcf9ef00004ac83e1ee000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 12:53:40 GMT
server: cloudflare
etag: W/"6006d654-27c91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oWN6xmtNM2NGbQyxIusEFuUm7aTzVZyctqm%2By50twZhdagVsMZIdahXMT8sb4K%2FkSfuMzF0je3Q9x%2BovUg3s1183ST7JTCD0TkRD%2BCquPtbDMwGuJRzLjmnEBAE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
cf-bgj: minify
x-xss-protection: 1; mode=block
cache-control: max-age=604800
cf-ray: 6217caa31b534ac8-FRA
expires: Mon, 15 Feb 2021 21:21:43 GMT

GET
H2 200 tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/ Frame 54FF 2 KB
1 KB 31ms
14ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/tiny-slider.css

Requested by

Host: cloudfastads.ru
URL: https://cloudfastads.ru/data/iframe/29058/desktop/5d67b88f5b42dd1803ea7201

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cloudfastads.ru/data/iframe/29058/desktop/5d67b88f5b42dd1803ea7201
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4361166
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 573
cf-request-id: 0842bcfa0e0000c2f9d19c1000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-882"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2NpUW1Cex6G%2ByKWuXU07L4Hwy0t9eyaiCfIcq056S4ThoVn05CqyqyUF6Nca9ws1Dc1AaESEd5Nk2%2FvlSGcvteYB4%2FpnLUmCjmYgtgZja9BBQp%2FoW1IEmx6xoHbDefjtNQ%3D%3D"}],"max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6217caa34df6c2f9-FRA
expires: Fri, 04 Feb 2022 15:23:39 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 54FF 4 KB
1 KB 44ms
28ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext

Requested by

Host: cloudfastads.ru
URL: https://cloudfastads.ru/data/iframe/29058/desktop/5d67b88f5b42dd1803ea7201

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dac82c181db29f567f8c6a98cb9dfc7cede1f4972031d27e374eb50cb6c23b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 14 Feb 2021 15:15:33 GMT
server: ESF
date: Sun, 14 Feb 2021 15:23:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Feb 2021 15:23:39 GMT

GET
H2 200 openplayer.min.css
cdn.jsdelivr.net/npm/openplayerjs@1.16.9/dist/ Frame 54FF 70 KB
23 KB 21ms
6ms Stylesheet
text/css 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/openplayerjs@1.16.9/dist/openplayer.min.css

Requested by

Host: cloudfastads.ru
URL: https://cloudfastads.ru/data/iframe/29058/desktop/5d67b88f5b42dd1803ea7201

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c5fbf3809ed1ab50c30ecc23c624baa3fff69c9719c79c923f0f4f5cff079f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://cloudfastads.ru
Referer: https://cloudfastads.ru/data/iframe/29058/desktop/5d67b88f5b42dd1803ea7201
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 404666
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 23399
etag: W/"11621-yg3XYBhVRGXjbc1WIfxGlAXb8zg"
x-served-by: cache-fra19125-FRA
date: Sun, 14 Feb 2021 15:23:39 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 54FF 6 KB
718 B 44ms
29ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap&subset=cyrillic

Requested by

Host: cloudfastads.ru
URL: https://cloudfastads.ru/css/inner.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5dadc77cd1a6535fc8d39dc4507d787e1b42bf53278e6a29c99c2fb230f559f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cloudfastads.ru/css/inner.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 14 Feb 2021 15:19:39 GMT
server: ESF
date: Sun, 14 Feb 2021 15:23:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Feb 2021 15:23:39 GMT

GET
DATA 200
OK truncated
/ Frame 54FF 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 400x300.jpg
i.cloudfastads.ru/rect/601d68090bbda55a2c534fab/ Frame 54FF 23 KB
23 KB 43ms
35ms Image
image/jpeg 2606:4700:3030::6815:526e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cloudfastads.ru/rect/601d68090bbda55a2c534fab/400x300.jpg
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e86fcec892d423a2ce48df59285c60a2fb0091dbd31a25bff950f2ac9b623a21

Request headers

Referer: https://cloudfastads.ru/data/iframe/29058/desktop/5d67b88f5b42dd1803ea7201
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:39 GMT
cf-cache-status: BYPASS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23087
cf-request-id: 0842bcfa4e00004ac842183000000001
last-modified: Fri, 05 Feb 2021 16:02:06 GMT
server: cloudflare
etag: "601d6bfe-5a2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CpAph8j9Ox3F%2B4edT3GO307%2BgV%2FOaWY4stqcNa%2B54qwUxwpEEQwENoOdeMelnx6Lw5rZn%2BXxrua4Gxsso2Ory7UePq61X7s5z%2Bp2Ifgf7trQJeHR%2F6LKgrOYL32%2BRQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400, private, max-age=3600, stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 6217caa3ac9e4ac8-FRA
expires: Mon, 15 Feb 2021 15:23:39 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 54FF 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cloudfastads.ru
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 15:30:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:10 GMT
server: sffe
age: 604364
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6824
x-xss-protection: 0
expires: Mon, 07 Feb 2022 15:30:55 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 54FF 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cloudfastads.ru
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 05:54:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 466145
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 09 Feb 2022 05:54:34 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 54FF 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cloudfastads.ru
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 16:25:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 514694
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 08 Feb 2022 16:25:25 GMT

GET
H2 200 50292898 Show response
mc.yandex.ru/watch/ 186 B
221 B 50ms
49ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/50292898?wmode=7&page-url=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A179%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A3%3Adp%3A0%3Als%3A709047442812%3Ahid%3A273178402%3Az%3A60%3Ai%3A20210214162339%3Aet%3A1613316220%3Ac%3A1%3Arn%3A255718847%3Au%3A16133162181034902306%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613316217642%3Awv%3A2%3Ads%3A0%2C0%2C53%2C1%2C72%2C71%2C1%2C22%2C0%2C%2C%2C%2C151%3Adsn%3A0%2C0%2C54%2C0%2C71%2C71%2C1%2C24%2C0%2C%2C%2C%2C150%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613316220%3At%3ADownload%20Page

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ee7352976e09126f01e1f854e156fa6fee671f995e79adb72fe923980222dcec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:23:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 14-Feb-2021 15:23:39 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://izzylaif.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Sun, 14-Feb-2021 15:23:39 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/50292898/ 43 B
73 B 49ms
48ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/50292898/1?page-url=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A3%3Adp%3A0%3Als%3A709047442812%3Ahid%3A273178402%3Az%3A60%3Ai%3A20210214162339%3Aet%3A1613316220%3Ac%3A1%3Arn%3A365668777%3Au%3A16133162181034902306%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613316217642%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613316220

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:23:39 GMT
last-modified: Sun, 14-Feb-2021 15:23:39 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://izzylaif.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 14-Feb-2021 15:23:39 GMT

POST
H2 200 visible Show response
cloudfastads.ru/statistics/teaser/ 383 B
1002 B 188ms
188ms Fetch
application/json 2606:4700:3030::6815:526e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudfastads.ru/statistics/teaser/visible

Requested by

Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:526e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7522988593917f8381e8644588eca3853a8b5a68c98320a1ae7d528b79880d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 Feb 2021 15:23:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-xss-protection: 1; mode=block
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0842bcfdac00004ac87c127000000001
referrer-policy: no-referrer-when-downgrade
server: cloudflare
etag: W/"17f-4yvAWoAutDv8k8AQaAlhgakZC3w"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=00MtIzbNIY7zvBzanNa4zIA8dnQE8v0%2BMA0luiQeImj1skZe0gk1u7Tr9TcnJduRVFhKtfb7LC9zqRL61cmPrjE1HeII7DDm7c84qrNFiaKGNB6hIs1h2mWZkZU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://izzylaif.com
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
cf-ray: 6217caa918684ac8-FRA

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 27ms
27ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.3.0&uid=32c2e5e6-86a2-4dcc-9e5d-a32ad81b774d&dp=14&tz=%2B01%3A00&nc=97539140&dT=2021-02-14T16%3A23%3A41.221
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 28ms
27ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A15883%2C%22sc%22%3A0%2C%22pl%22%3A35800%2C%22ev%22%3A%22vis100%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=1613316221
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 28ms
28ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=80&cd=%7B%22st%22%3A15883%2C%22sc%22%3A161115190%2C%22pl%22%3A35800%2C%22ev%22%3A%22view100%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=1613316221
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 6
www.acint.net/pxl/ 43 B
342 B 27ms
27ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/6?dp=80&id=15883.35800.161115190.0.4.61&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=1613316239
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 5
www.acint.net/pxl/ 43 B
342 B 27ms
27ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/5?dp=61&id=15883.35800.161115191.0.5.0&sid=6029407a-2000-00kn-ojz1-rw5n5xxdtebv&ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&r=1613316239
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/go.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:23:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 50ms
32ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Feb 2021 15:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6433
x-xss-protection: 0

GET
H2 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 36ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 14 Feb 2021 15:24:00 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 70DB 12 KB
5 KB 35ms
21ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://izzylaif.com/go.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://izzylaif.com/go.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 14 Feb 2021 15:23:56 GMT
expires: Mon, 14 Feb 2022 15:23:56 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js
pagead2.googlesyndication.com/bg/ Frame 70DB 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 16:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 82172
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6215
x-xss-protection: 0
expires: Sun, 13 Feb 2022 16:34:28 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 42ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=329793659537166&bg=!8vGl8bLNAAXRs2QT0TsAKQB2-Dxam3zVi5bc-9tTNCySxqhixo55lkErreP8AnKiE_3QO9ku0rmvAgAAAFBSAAAADmgBBwoAs238lwyBEk6st3zQYoRb7F8-BBcr9OsRsKh44qhym4f5EwtK0Nx-CT5nTMVUDS-20VRy6DewuFWAUd2TlyJCh3KWXWtN9xC1WiIwe0IPn4W8_MCkQCVEsvb8XZ3x6I5OQ68pW11PnuxdPN0EbPwxM61qfZc0S8NcLWcj2r9F7z4VJxurH9HG9tX7ktm-OX9XjYnpO4m4UF4FXxLuAarhKPj7XSte979apZbXXFLz-IkFT4sQmQHTIEZpxeI4nK7BZYTLr-raW9eDGUq4RuiPtHIlIRaelbxZAm-KvKbMOCx4EskxElhwRVc3wtNMtlcgIGRxlYzi-HDdaXN6zeXWnlrYa-epDbCGhMpRBgGPrMc5q5q54NVkmVBJx3pSQ33tFvsBB506fggBIaZZ-fHq9hx5tvIKj6WGp334hljV38WW43r2JuX_sGt9tf01BIL6jadnvF0KPsD_xS_Way-9nfSomnXoCdtz94KLi1G_eN28aSPJE5MVPSCzmaN0pRhB60AylRc1jo629LlzJxHP45eUqfpPvKn8RuihEY0YyKt8Q-O_U16FRmtOEBVlo3YR_ooF4B8ZKNlwQDdKoBwhpD7TfVeOuWcB50bUlCZyGSGknzwABIsSXdZhTs-W4fU7rU0_zXhzeB-KG_vWik-b1KK1bT0Nb1vVr5dYtg7un6PzMxxqlhwFrjsPmE0aSDU72-s6DLT18XzKZ1TxSqNcFzpl28AH4sCfXgEChVxbSidY0SCsk484Wz09n_tuq9CEn8DzdrJq2QTLLbyk8Es0_LvmFwISDDiO14ZCm5dUOEGf_eK-Kv0hBinNGoBuHio7mJucSqTWGCE4TjT3kBEoABUfTT92DCWnE4o

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:24:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 28ms
28ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.3.0&uid=32c2e5e6-86a2-4dcc-9e5d-a32ad81b774d&dp=14&tz=%2B01%3A00&nc=77584786&dT=2021-02-14T16%3A24%3A01.222
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash

Request headers

Referer: https://izzylaif.com/go.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:24:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 Primary Request / Show response
izzylaif.com/ 8 KB
2 KB 104ms
104ms Document
text/html 2606:4700:3033::6815:57d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://izzylaif.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:57d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69776d8d840f5acf7f8f9b082fd77fef27653204a83ec7924eaf70f2d0073c3d

Request headers

:method: GET
:authority: izzylaif.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://izzylaif.com/go.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://izzylaif.com/go.php

Response headers

date: Sun, 14 Feb 2021 15:24:08 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d84801f79e1e184eb1ce266c50ce2f3161613316248; expires=Tue, 16-Mar-21 15:24:08 GMT; path=/; domain=.izzylaif.com; HttpOnly; SameSite=Lax; Secure
refresh: 5; URL = http://www.youtube.com/subscription_center?add_user=EasyyyLife
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0842bd6cf600004aaa7c154000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4MI0IoNMpPAK9SVSPZq7MaAaE%2FCp0KsIHTJu43cvEX0I9lVdWsxBHqHTTX2FKRAR6K8R4c6%2Fxootj6%2BnM6owNXHVDH7cwENlwSoJwHEIWwam6BJM0%2BOC%2BL8%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6217cb5b2f0e4aaa-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 2 KB
626 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat&display=swap

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd4637feac159f8b59833e72839ea36cfa44d0def0007e8ef4d3a31a43a8d5d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 14 Feb 2021 15:15:15 GMT
server: ESF
date: Sun, 14 Feb 2021 15:24:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Feb 2021 15:24:08 GMT

GET
H2 200 rukozhop.png
izzylaif.com/ru/wp-content/uploads/2020/02/ 145 KB
146 KB 217ms
216ms Image
image/png 2606:4700:3033::6815:57d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://izzylaif.com/ru/wp-content/uploads/2020/02/rukozhop.png
Requested by: Host: izzylaif.com
URL: https://izzylaif.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:57d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ef3a32d6dcffadd6d016aed79df07858baf15b41cd17802e1946cb9bec2d5a4

Request headers

Referer: https://izzylaif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:24:09 GMT
cf-cache-status: MISS
last-modified: Fri, 31 Jul 2020 23:43:41 GMT
server: cloudflare
etag: "24523-5abc55bdd78bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FfQswXIen7LJNHmdMeEnkljl7wzVCZTjUHkXPu3X7kTC7IxqTaJl0Ps3TJ6wp73i9SeoMCx7I2b0G4eX7h6MiJLxrXRihXMBCjb9axx5N1xKoSAeLm44nUE%3D"}],"max_age":604800}
content-type: image/png
cache-control: max-age=432000
nel: {"max_age":604800,"report_to":"cf-nel"}
accept-ranges: bytes
cf-ray: 6217cb5bd9244aaa-FRA
content-length: 148771
cf-request-id: 0842bd6d6900004aaa3bb84000000001

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://izzylaif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3505
date: Sun, 14 Feb 2021 14:25:43 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 14 Feb 2021 16:25:43 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 118 KB
41 KB 49ms
48ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f8da8cf51991751a899ade13231b19579025cd9017cdf01b882c4070f7f1719e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://izzylaif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:24:08 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 20:11:42 GMT
etag: "6026df5a-a2de"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 41694
expires: Sun, 14 Feb 2021 16:24:08 GMT

GET
H/1.1 200
OK code.js Show response
top-fwz1.mail.ru/js/ 21 KB
9 KB 187ms
62ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

Software

nginx /

Resource Hash

94cf658d2c7345f5472d9d4514ade118d9f9bed0d50a5fc4a02fb9dcd2c8d8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://izzylaif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Feb 2021 15:24:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Wed, 09 Dec 2020 16:09:03 GMT
Server: nginx
ETag: W/"5fd0f69f-5361"
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: max-age=3600, private
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60
Expires: Sun, 14 Feb 2021 16:24:09 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
378 B 43ms
28ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1690260025&utmhn=izzylaif.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9F%D0%B5%D1%80%D0%B5%D0%BA%D0%BB%D1%8E%D1%87%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%20%D0%AF%D0%B7%D1%8B%D0%BA%D0%B0%20%7C%20Language%20Switcher&utmhid=1316127650&utmr=0&utmp=%2F&utmht=1613316248982&utmac=UA-28214854-5&utmcc=__utma%3D161281509.2011419433.1613316249.1613316249.1613316249.1%3B%2B__utmz%3D161281509.1613316249.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=914356250&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://izzylaif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:24:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v15/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://izzylaif.com
Referer: https://fonts.googleapis.com/css?family=Montserrat&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 15:39:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:59 GMT
server: sffe
age: 344668
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8108
x-xss-protection: 0
expires: Thu, 10 Feb 2022 15:39:40 GMT

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://izzylaif.com
Referer: https://fonts.googleapis.com/css?family=Montserrat&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 15:30:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 604393
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Mon, 07 Feb 2022 15:30:55 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/15024994/
Redirect Chain

https://mc.yandex.ru/watch/15024994?wmode=7&page-url=https%3A%2F%2Fizzylaif.com%2F&page-ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjb%3...
https://mc.yandex.ru/watch/15024994/1?wmode=7&page-url=https%3A%2F%2Fizzylaif.com%2F&page-ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjb...

167 B
234 B

50ms
50ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/15024994/1?wmode=7&page-url=https%3A%2F%2Fizzylaif.com%2F&page-ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjb%3Afp%3A173%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A624133544944%3Ahid%3A910047378%3Az%3A60%3Ai%3A20210214162409%3Aet%3A1613316249%3Ac%3A1%3Arn%3A288957184%3Au%3A1613316249835218733%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613316248819%3Ads%3A0%2C0%2C104%2C1%2C0%2C0%2C%2C6%2C0%2C%2C%2C%2C117%3Adsn%3A0%2C0%2C104%2C0%2C0%2C0%2C%2C12%2C0%2C%2C%2C%2C117%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613316249%3At%3A%D0%9F%D0%B5%D1%80%D0%B5%D0%BA%D0%BB%D1%8E%D1%87%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%20%D0%AF%D0%B7%D1%8B%D0%BA%D0%B0%20%7C%20Language%20Switcher

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

2223adc5528eff6eef3f0046096d000238f7f466d842283580d4da32b849eef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://izzylaif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:24:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 14-Feb-2021 15:24:09 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://izzylaif.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sun, 14-Feb-2021 15:24:09 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Feb 2021 15:24:09 GMT
last-modified: Sun, 14-Feb-2021 15:24:09 GMT
location: /watch/15024994/1?wmode=7&page-url=https%3A%2F%2Fizzylaif.com%2F&page-ref=https%3A%2F%2Fizzylaif.com%2Fgo.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjb%3Afp%3A173%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A624133544944%3Ahid%3A910047378%3Az%3A60%3Ai%3A20210214162409%3Aet%3A1613316249%3Ac%3A1%3Arn%3A288957184%3Au%3A1613316249835218733%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613316248819%3Ads%3A0%2C0%2C104%2C1%2C0%2C0%2C%2C6%2C0%2C%2C%2C%2C117%3Adsn%3A0%2C0%2C104%2C0%2C0%2C0%2C%2C12%2C0%2C%2C%2C%2C117%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613316249%3At%3A%D0%9F%D0%B5%D1%80%D0%B5%D0%BA%D0%BB%D1%8E%D1%87%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%20%D0%AF%D0%B7%D1%8B%D0%BA%D0%B0%20%7C%20Language%20Switcher
strict-transport-security: max-age=31536000
access-control-allow-origin: https://izzylaif.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 14-Feb-2021 15:24:09 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
120 B 48ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: izzylaif.com
URL: https://izzylaif.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://izzylaif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 15:24:09 GMT
last-modified: Fri, 12 Feb 2021 20:11:42 GMT
etag: "6026df5a-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 14 Feb 2021 16:24:09 GMT

POST
H/1.1 200
OK counter
top-fwz1.mail.ru/ 43 B
1 KB 61ms
61ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2557301;u=https%3A//izzylaif.com/;r=https%3A//izzylaif.com/go.php;st=1613316248936;title=%D0%9F%D0%B5%D1%80%D0%B5%D0%BA%D0%BB%D1%8E%D1%87%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%20%D0%AF%D0%B7%D1%8B%D0%BA%D0%B0%20%7C%20Language%20Switcher;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=c94cc966903f4006;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1613316249127%3A1613316249143%3A1%3A4fb7d8e35097bfc1258d9f722937c96d;_=0.9313135689796954

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://izzylaif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 14 Feb 2021 15:24:09 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://izzylaif.com
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://izzylaif.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://izzylaif.com
Keep-Alive: timeout=60

POST
H/1.1 200
OK tracker
top-fwz1.mail.ru/ 43 B
1 KB 91ms
62ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2557301;u=https%3A//izzylaif.com/;r=https%3A//izzylaif.com/go.php;st=1613316248936;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=c94cc966903f4006;ver=60.3.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1613316248819/108/108///0/0/0/0/0//1/105/106/111/117/117/117/357/357/;ni=10//4g/0/0/;lvid=1613316249127%3A1613316249177%3A2%3A4fb7d8e35097bfc1258d9f722937c96d;_=0.4076307400444883;e=RT/load;et=1613316249176

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://izzylaif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 14 Feb 2021 15:24:09 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://izzylaif.com
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://izzylaif.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://izzylaif.com
Keep-Alive: timeout=60

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: httpss://www.google-analytics.com/ga.js

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cloudfastads.ru/app.js(Line 1) Message: ~===== METRIKA LOADED !!!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f7a402960f003bc9902ecdc80-sp.ops.beeline.ru
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.com.ru
an.yandex.ru
api.advarkads.com
cdn-rtb.sape.ru
cdn.jsdelivr.net
cdnjs.cloudflare.com
cloudfastads.ru
cm.g.doubleclick.net
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.cloudfastads.ru
izzylaif.com
match.new-programmatic.com
matchid.adfox.yandex.ru
mc.yandex.ru
p1.dircont3.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.alfasense.com
ps.ntvk1.ru
ps5.ntvk1.ru
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
rtb.beroll.ru
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssl.google-analytics.com
ssp-rtb.sape.ru
ssp.adriver.ru
stat.adlabs.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
ut.rktch.com
www.acint.net
www.google-analytics.com
www.googletagservices.com
x01.aidata.io
yastatic.net
www.google-analytics.com
109.248.237.36
142.250.185.130
144.76.118.200
159.69.74.7
176.99.5.102
185.15.175.133
185.15.175.134
188.34.131.134
188.42.191.196
188.42.29.81
193.232.121.29
193.232.148.150
194.176.118.216
194.190.117.93
195.201.106.117
195.201.243.72
195.209.108.37
213.87.44.207
216.58.212.162
217.65.2.150
217.66.147.166
217.69.133.145
23.111.100.228
2606:4700:10::6816:557
2606:4700:3030::6815:526e
2606:4700:3033::6815:57d
2606:4700::6810:135e
2a00:1148:db00::17
2a00:1450:4001:809::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::90
2a02:6ea0:c700::1
2a04:4e42:3::621
31.172.81.158
31.172.81.159
31.220.27.134
35.190.16.14
37.18.16.23
37.9.245.57
80.64.106.147
81.222.128.215
82.202.224.34
88.212.201.204
88.99.214.77
89.108.119.43
93.95.102.105
95.163.37.253
95.211.66.35
95.213.133.115
0201d1064850de72374dbf90244a5bfcc7f38d8adfd82dd733255385259ab402
020845d22d3b3faf4203a9d6791bd61b2b16301c35973eabf39390b30b5aa44f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
09e925f0a4e34c7c5985c3f5e4695c680edaa8fcef5ac2cc63e0dca7219fcbf7
0bf91ea7fbb41113300ad53e5a4774576ee21e7de77a091b0913a2fce2df8f5f
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
146834fcc5c7ca4b5b170f3ca453644b76244958ad84109ddc61063c6411b811
1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475
200b0d3bab368c51516ae5951fdfbd402efc9304a514ef8d3ac04b380c89922a
2223adc5528eff6eef3f0046096d000238f7f466d842283580d4da32b849eef4
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25a66d031462f15f08014af7627a96382a54ce471ece928fd0bd4b699e901789
26d609542fb9d29d7e6a4fceacb14cd7c04ef6634a2661430f61664937cd4632
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d06e396ae3e665587c28f5ab65944261d284a6d4597f89f741c12ed8354bd5d
2dac82c181db29f567f8c6a98cb9dfc7cede1f4972031d27e374eb50cb6c23b6
2e0e878a41cbf1c2aa09176ad0afe985d53fa958f7b191e8bba15089f6c29c7b
32fceabe4bb6e7f5fc55d41822b1abb34a412831a496eeaff2bf6999cd13819d
35d8a7f8b8931366f373641fb07fb19caaa7c291b3e83e5d2bd9ed19361ee5c8
3dd0f99522a8917891c81455399e06fe7f18f2c7e07598478552520240e5bd95
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57023a19eac22f0ac9b23a81e5d0235a113151d5bf1c28888aa744f5681ae1ca
5a49726bf861ad2dbeed14284fc73e953d2e0c8760d79741829116fada42ff75
5a7b1fe1646b3d72d0de487f88d9ce6d2fb30069e838c0169e234ac73f765dec
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5df26de99e17cd17363975e53f4ca8b42c3bc263b602e419f6354ac734aa4f59
5ef3a32d6dcffadd6d016aed79df07858baf15b41cd17802e1946cb9bec2d5a4
63e46f944672d9c3dd90e1c110b18664d66e1b35b15861ac0f29efda91453157
69776d8d840f5acf7f8f9b082fd77fef27653204a83ec7924eaf70f2d0073c3d
6a3ae6bfa989d3fd7e015d572fcb4bc5c096bbdc9670fd4b7456846199901baa
6a83f8baa9d1ed00994bae27f6a6d2990283f253536e11d46320fef8faaf40dd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99
74dcd398eafd7dbc3d07b76625839f63f464de97b26adca97ac30883cf79b0d9
7522988593917f8381e8644588eca3853a8b5a68c98320a1ae7d528b79880d3c
7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e
7c3858c45fe747575480c8fa1d0769d9bf4a3f277b5609a9b4e2d3aa0c79e682
7e39d9191134921c335590a3d18039af126d49574f76e98fdf651b348c29eb28
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
8293f4717c10a964f1b2f8761128620cd3e78448f94e641609537662ad660b01
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
93f47b36f9f82fba4c2edfc29f3325a839e76f94e5ab93c2cf7332313a71b26a
94cf658d2c7345f5472d9d4514ade118d9f9bed0d50a5fc4a02fb9dcd2c8d8c6
a9847670fb20796b03a06dcd38e3c17edb133f51f6d4e09e504db4cd3f9584fd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2182afbbf351369e6059cbc7906439bdea995b9823f18fed49080d26c13d610
b70d01f27bdd33d7b7f07b1cd626a8eba39997df7fd36ffc6ac60616197e1cfa
b71c3ce6db57de1fcc2a3f5dd7b61e2941db77071698e832b825b902cbaebadc
bb975fe56115699466f36c32759624f494b7a72ee3271ae804374b5fad768ead
bfcaa723a9ceaa4a6c48114b98379d9dbd86dd4f8bd2472df9307394f6f2c9a3
c5dadc77cd1a6535fc8d39dc4507d787e1b42bf53278e6a29c99c2fb230f559f
c5fbf3809ed1ab50c30ecc23c624baa3fff69c9719c79c923f0f4f5cff079f38
c92d2b76ea3e5eb9bc3b02099fd8bfdc47a92b2a590b1b271c8a932c40fa3a76
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d271094710b763c57648acad0b4fec139eccc6d6efe3b2dff392f79c0f0a63a3
dd4637feac159f8b59833e72839ea36cfa44d0def0007e8ef4d3a31a43a8d5d9
de9279700a728e5392a7bf979da8b7b8ab7fa4a1e1e23ca8be7f3d9069daa75d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67c43ebe2ee808b1fa8c5281fa07ee36bcad76632db7890e054f8e91eb13ca7
e86fcec892d423a2ce48df59285c60a2fb0091dbd31a25bff950f2ac9b623a21
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ee7352976e09126f01e1f854e156fa6fee671f995e79adb72fe923980222dcec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27f3edf7ed38e2f653f3a85b03a12e0262409bcfde05b5914b5c006e905eea4
f2e1f4095c30b565126b0291b04b69429e245f568e1ab4e15604e70f41fd8b9f
f8da8cf51991751a899ade13231b19579025cd9017cdf01b882c4070f7f1719e
fb614b5308a1d217e5b5eb67799f891eaa164eb0f4f9f90008a52b8e3e49bb13

izzylaif.com Open in urlscan Pro 2606:4700:3033::6815:57d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

98 %HTTPS

34 %IPv6

48 Domains

62 Subdomains

46 IPs

5 Countries

1189 kBTransfer

3288 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

izzylaif.com Open in urlscan Pro
2606:4700:3033::6815:57d Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

98 %
HTTPS

34 %
IPv6

48
Domains

62
Subdomains

46
IPs

5
Countries

1189 kB
Transfer

3288 kB
Size

0
Cookies

139 HTTP transactions
0 data transactions