www.paladiny.ru Open in urlscan Pro
146.185.148.189 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paladiny.ru/
Effective URL:
http://www.paladiny.ru/index.dwar.php
Submission: On January 24 via api (January 24th 2024, 10:39:55 pm UTC) from US — Scanned from US

Summary HTTP 258 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 45 IPs in 7 countries across 52 domains to perform 258 HTTP transactions. The main IP is 146.185.148.189, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is www.paladiny.ru.

This is the only time www.paladiny.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25 84	146.185.148.189 146.185.148.189	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
22	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
3	178.22.89.12 178.22.89.12	47764 (VK-AS) (VK-AS)
9	188.93.63.157 188.93.63.157	47764 (VK-AS) (VK-AS)
1 1	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
2	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	185.12.127.130 185.12.127.130	50214 (QWARTA) (QWARTA)
1 18	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2 5	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
5 42	193.3.184.135 193.3.184.135	50214 (QWARTA) (QWARTA)
29	2607:f8b0:400... 2607:f8b0:4006:822::2006	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
4 5	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
3 6	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	68.67.160.24 68.67.160.24	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.251.40.134 142.251.40.134	15169 (GOOGLE) (GOOGLE)
5 7	193.3.184.211 193.3.184.211	50214 (QWARTA) (QWARTA)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:808::200a	15169 (GOOGLE) (GOOGLE)
2 2	193.232.150.60 193.232.150.60	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	195.209.108.56 195.209.108.56	52007 (ADRIVER) (ADRIVER)
2	81.222.128.213 81.222.128.213	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:20:... 2606:4700:20::681a:6bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.230.131.22 37.230.131.22	200197 (HYBRID-PO...) (HYBRID-POLAND)
2	185.15.175.147 185.15.175.147	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	194.55.244.179 194.55.244.179	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
2 2	148.251.129.43 148.251.129.43	24940 (HETZNER-AS) (HETZNER-AS)
1 1	94.228.127.171 94.228.127.171	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1 1	83.222.96.170 83.222.96.170	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2 2	5.189.234.227 5.189.234.227	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1 1	188.72.107.205 188.72.107.205	208677 (CLOUDRU-AS) (CLOUDRU-AS)
2 2	96.46.186.59 96.46.186.59	7979 (SERVERS-COM) (SERVERS-COM)
1 1	176.122.21.139 176.122.21.139	48096 (ITGRAD) (ITGRAD)
2 2	217.66.147.38 217.66.147.38	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
4 4	217.66.147.37 217.66.147.37	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
3 4	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1 1	167.235.33.113 167.235.33.113	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.109.65.187 65.109.65.187	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1 1	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1 2	188.42.105.236 188.42.105.236	7979 (SERVERS-COM) (SERVERS-COM)
4 6	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	62.109.24.241 62.109.24.241	29182 (RU-JSCIOT) (RU-JSCIOT)
1	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 2	94.130.221.58 94.130.221.58	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.111.107.44 23.111.107.44	39134 (UNITEDNET) (UNITEDNET)
1 1	167.235.9.235 167.235.9.235	24940 (HETZNER-AS) (HETZNER-AS)
1	174.137.133.32 174.137.133.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	158.160.128.78 158.160.128.78	200350 (YANDEXCLOUD) (YANDEXCLOUD)
2 3	83.222.117.90 83.222.117.90	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
2 2	217.199.220.44 217.199.220.44	61400 (NETRACK-AS) (NETRACK-AS)
1 1	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
2 2	185.40.31.213 185.40.31.213	61400 (NETRACK-AS) (NETRACK-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
1	91.192.148.36 91.192.148.36	42481 (BEGUN-AS) (BEGUN-AS)
1 1	45.139.25.122 45.139.25.122	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
1 2	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4007:807::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
1	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4000:19::8	15169 (GOOGLE) (GOOGLE)
2	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
1	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:215f:7e00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	185.15.175.134 185.15.175.134	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
258	45

84 146.185.148.189 (Amsterdam, Netherlands) 25 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: nihost.ru

paladiny.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paladiny.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4006:80d::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.22.89.12 (Moscow, Russian Federation)

ASN47764 (VK-AS, RU)
PTR: dragon63.ext.terrhq.ru

w2.dwar.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.93.63.157 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: 188-93-63-157.ext.terrhq.ru

w1.dwar.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dwar.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.18 (Russian Federation) 1 redirects

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.16 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.12.127.130 (Russian Federation)

ASN50214 (QWARTA, RU)

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:822::2002 (Colchester, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.163.52.67 (Russian Federation) 2 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

d4.c1.b4.a1.top.list.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 193.3.184.135 (Russian Federation) 5 redirects

ASN50214 (QWARTA, RU)
PTR: asrv319.qwarta.ru

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2607:f8b0:4006:822::2006 (Colchester, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:81c::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.24 (Jersey City, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.134 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.3.184.211 (Russian Federation) 5 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Russian Federation) 5 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:808::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.60 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp4.senders.rutube.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.56 (Russian Federation) 2 redirects

ASN52007 (ADRIVER, RU)

ev.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.213 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6bd (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.230.131.22 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.147 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.55.244.179 (Moscow, Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.129.43 (Falkenstein, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-23.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.228.127.171 (St Petersburg, Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)
PTR: da21112.timeweb.ru

s.ccsyncuuid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.222.96.170 (Russian Federation) 1 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.189.234.227 (Moscow, Russian Federation) 2 redirects

ASN50340 (SELECTEL-MSK, RU)

sync.adspend.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.107.205 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS, RU)
PTR: fr05.segmento.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.46.186.59 (United States) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.122.21.139 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.38 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-38-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.37 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-37-147-66-217.spbmts.ru

vma.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.108.120.76 (Russian Federation) 3 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.33.113 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.113.33.235.167.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.65.187 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.187.65.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.105.236 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.172.81.159 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pix.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.109.24.241 (Moscow, Russian Federation) 1 redirects

ASN29182 (RU-JSCIOT, RU)
PTR: sync05.platforma.id

7b305d24-bb09-11ee-bbb1-002590c82436.n5.sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.221.58 (Reilingen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.58.221.130.94.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.9.235 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.235.9.235.167.clients.your-server.de

match.ohmy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.160.128.78 (Moscow, Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

sync.programmatica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 83.222.117.90 (Russian Federation) 2 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.199.220.44 (Russian Federation) 2 redirects

ASN61400 (NETRACK-AS, RU)
PTR: s4.kimberlite.io

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.193.58.13 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.40.31.213 (Moscow, Russian Federation) 2 redirects

ASN61400 (NETRACK-AS, RU)

sync.dsp.solta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.148.36 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: sync.rambler.ru

sync.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.139.25.122 (Moscow, Russian Federation) 1 redirects

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

ssp.afp.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2004 (Colchester, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4007:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200e (Colchester, United States) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4000:19::8 (United States)

ASN15169 (GOOGLE, US)

r3---sn-q4fl6n6r.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.81.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215f:7e00:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.134 (Russian Federation) 4 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	paladiny.ru 25 redirects paladiny.ru www.paladiny.ru	548 KB
42	acint.net 5 redirects www.acint.net — Cisco Umbrella Rank: 25446 acint.net — Cisco Umbrella Rank: 20793	38 KB
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com — Cisco Umbrella Rank: 356	486 KB
32	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 336 gcdn.2mdn.net — Cisco Umbrella Rank: 1402 r3---sn-q4fl6n6r.c.2mdn.net — Cisco Umbrella Rank: 139753	5 MB
25	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 bid.g.doubleclick.net — Cisco Umbrella Rank: 917 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	153 KB
12	dwar.ru w2.dwar.ru w1.dwar.ru dwar.ru	505 KB
11	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	43 KB
8	mts.ru 8 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 34948 vma.mts.ru — Cisco Umbrella Rank: 37422 tech.rtb.mts.ru — Cisco Umbrella Rank: 42626	5 KB
8	sape.ru 5 redirects cdn-rtb.sape.ru — Cisco Umbrella Rank: 70671 ssp-rtb.sape.ru — Cisco Umbrella Rank: 25777	47 KB
7	yandex.com 4 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	4 KB
7	bumlam.com 5 redirects sync.bumlam.com — Cisco Umbrella Rank: 4420 pix.bumlam.com — Cisco Umbrella Rank: 97912 7b305d24-bb09-11ee-bbb1-002590c82436.n5.sync.bumlam.com	4 KB
6	digitaltarget.ru 4 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 124846 dmg.digitaltarget.ru — Cisco Umbrella Rank: 21957	22 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 485	139 KB
6	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	3 KB
5	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 10239 ad.mail.ru — Cisco Umbrella Rank: 11254	4 KB
4	aidata.io 3 redirects x01.aidata.io — Cisco Umbrella Rank: 14168	2 KB
4	adriver.ru 2 redirects ev.adriver.ru — Cisco Umbrella Rank: 31767 ssp.adriver.ru — Cisco Umbrella Rank: 27660	2 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982 an.yandex.ru — Cisco Umbrella Rank: 6258	58 KB
4	rambler.ru 1 redirects counter.rambler.ru — Cisco Umbrella Rank: 149568 kraken.rambler.ru — Cisco Umbrella Rank: 35890 sync.rambler.ru — Cisco Umbrella Rank: 41171	121 KB
3	com.ru 2 redirects adx.com.ru — Cisco Umbrella Rank: 43147	647 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	solta.io 2 redirects sync.dsp.solta.io — Cisco Umbrella Rank: 38915	444 B
2	kimberlite.io 2 redirects kimberlite.io — Cisco Umbrella Rank: 30029	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 13701	718 B
2	bidderstack.com 1 redirects nr.bidderstack.com — Cisco Umbrella Rank: 42708	769 B
2	gonet-ads.com 1 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 39250	634 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1908	1 KB
2	adspend.space 2 redirects sync.adspend.space — Cisco Umbrella Rank: 46634	641 B
2	upravel.com 2 redirects sync.upravel.com — Cisco Umbrella Rank: 37153	1 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 18494	827 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	130 KB
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 776	615 B
1	afp.ai 1 redirects ssp.afp.ai — Cisco Umbrella Rank: 30128	597 B
1	konnektu.ru 1 redirects pixel.konnektu.ru — Cisco Umbrella Rank: 80570	212 B
1	programmatica.com sync.programmatica.com — Cisco Umbrella Rank: 57533
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1634	22 B
1	ohmy.bid 1 redirects match.ohmy.bid — Cisco Umbrella Rank: 54128	288 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 103318	753 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 11938	287 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 37636	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 35560	484 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10769	207 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 20936	176 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 33704	304 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 138659	411 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 51985	169 B
1	ccsyncuuid.net 1 redirects s.ccsyncuuid.net — Cisco Umbrella Rank: 59714	200 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 23229	69 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 11851	376 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 41180	749 B
1	list.ru 1 redirects d4.c1.b4.a1.top.list.ru	976 B
258	52

	Domain	Requested by
83	www.paladiny.ru	24 redirects www.paladiny.ru
33	www.acint.net	2 redirects cdn-rtb.sape.ru www.acint.net www.paladiny.ru
29	s0.2mdn.net	www.paladiny.ru s0.2mdn.net
22	pagead2.googlesyndication.com	www.paladiny.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
18	tpc.googlesyndication.com	www.paladiny.ru googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net imasdk.googleapis.com pagead2.googlesyndication.com
16	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.paladiny.ru
9	acint.net	3 redirects www.acint.net
7	mc.yandex.com	4 redirects www.paladiny.ru
7	ssp-rtb.sape.ru	5 redirects cdn-rtb.sape.ru
6	csi.gstatic.com	imasdk.googleapis.com
6	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net www.paladiny.ru
6	w1.dwar.ru	www.paladiny.ru
5	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
4	dmg.digitaltarget.ru	4 redirects
4	x01.aidata.io	3 redirects www.acint.net
4	vma.mts.ru	4 redirects
4	top-fwz1.mail.ru	1 redirects www.paladiny.ru www.acint.net
3	adx.com.ru	2 redirects www.acint.net
3	pix.bumlam.com	2 redirects www.acint.net
3	sync.bumlam.com	2 redirects www.acint.net
3	imasdk.googleapis.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	mc.yandex.ru	1 redirects cdn-rtb.sape.ru www.paladiny.ru
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	dwar.ru	www.paladiny.ru
3	w2.dwar.ru	www.paladiny.ru
2	ade.googlesyndication.com	www.paladiny.ru
2	r3---sn-q4fl6n6r.c.2mdn.net	googleads.g.doubleclick.net www.paladiny.ru
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	sync.dsp.solta.io	2 redirects
2	kimberlite.io	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	nr.bidderstack.com	1 redirects www.acint.net
2	sync.gonet-ads.com	1 redirects www.acint.net
2	tech.rtb.mts.ru	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	ads.betweendigital.com	2 redirects
2	sync.adspend.space	2 redirects
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ssp.adriver.ru	www.acint.net
2	ev.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	ad.doubleclick.net	www.paladiny.ru
2	www.googletagservices.com	googleads.g.doubleclick.net
2	counter.rambler.ru	1 redirects www.paladiny.ru
1	d.agkn.com	www.paladiny.ru
1	googleads4.g.doubleclick.net	www.paladiny.ru
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	ssp.afp.ai	1 redirects
1	sync.rambler.ru	www.acint.net
1	ad.mail.ru	www.acint.net
1	pixel.konnektu.ru	1 redirects
1	sync.programmatica.com	www.acint.net
1	sync.adkernel.com	www.acint.net
1	match.ohmy.bid	1 redirects
1	cs.agency2.ru	1 redirects
1	an.yandex.ru	www.acint.net
1	7b305d24-bb09-11ee-bbb1-002590c82436.n5.sync.bumlam.com	1 redirects
1	counter.yadro.ru	1 redirects
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	s.ccsyncuuid.net	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	d4.c1.b4.a1.top.list.ru	1 redirects
1	kraken.rambler.ru	www.paladiny.ru
1	cdn-rtb.sape.ru	www.paladiny.ru
1	paladiny.ru	1 redirects
258	78

This site contains links to these domains. Also see Links.

Domain
paladiny.ru
angelscity.combats.com
capitalcity.combats.com
sandcity.combats.com
w2.riot.mail.ru
w1.riot.mail.ru
dwar.ru
top100.rambler.ru

Subject Issuer	Validity	Valid
*.sape.ru R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-04-17` - `2024-05-18`	a year	crt.sh
*.acint.net R3	`2023-12-31` - `2024-03-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
utraff.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2023-09-14` - `2024-09-13`	a year	crt.sh
*.digitaltarget.ru R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G4	`2023-06-19` - `2024-07-20`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-03-07` - `2024-04-07`	a year	crt.sh
new-programmatic.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-09-24` - `2024-03-24`	6 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2024-01-12` - `2025-02-12`	a year	crt.sh
sync.programmatica.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2023-10-06` - `2024-11-06`	a year	crt.sh
sync.rambler.ru R3	`2024-01-12` - `2024-04-11`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 20 frames:

Primary Page: http://www.paladiny.ru/index.dwar.php
Frame ID: 231F237A3F78DACB9CDE9F9577EB5DC1
Requests: 107 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 80F1FA89A731214EF1F7E244D38F02CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=600&slotname=1332047107&adk=1460880071&adf=2290519548&pi=t.ma~as.1332047107&w=160&lmt=1706135985&format=160x600&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&wgl=1&dt=1706135984681&bpp=4&bdt=752&idt=452&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&correlator=8689844020243&frm=20&pv=2&ga_vid=1872308815.1706135985&ga_sid=1706135985&ga_hid=973648987&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080588%2C31080643%2C95320889%2C95321627%2C95322164&oid=2&pvsid=3989127231409994&tmod=252036428&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=472
Frame ID: 12D50D492E2C18B272936F93B612818C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&adk=1812271804&adf=3025194257&lmt=1706135985&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&dt=1706135985954&bpp=8&bdt=2025&idt=9&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=8689844020243&frm=20&pv=1&ga_vid=1872308815.1706135985&ga_sid=1706135985&ga_hid=973648987&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080588%2C31080643%2C95320889%2C95321627%2C95322164&oid=2&pvsid=3989127231409994&tmod=252036428&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=23
Frame ID: 1F40F0EDDF2A0AECBDE68FF6A7C709DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhju34ngATAB&v=APEucNUaacmCG1VW6RZdfmTnkrAx98eEweLAyfly6iYdmv1LlgVbsE6W0aP5kgpDeMvW3hNXi_pkEHv51513PPigCIzpGr-fjw
Frame ID: B03EF899E8589C92577A43B31CB09BBB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=280&adk=2238285969&adf=821804958&pi=t.aa~a.469292974~i.14~rp.1&w=551&fwrn=4&fwrnh=100&lmt=1706135986&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9553686225&ad_type=text_image&format=551x280&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&fwr=0&pra=3&rh=138&rw=551&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1706135986606&bpp=3&bdt=2676&idt=-M&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0&nras=2&correlator=8689844020243&frm=20&pv=1&ga_vid=1872308815.1706135985&ga_sid=1706135985&ga_hid=973648987&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=193&ady=1271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080588%2C31080643%2C95320889%2C95321627%2C95322164&oid=2&pvsid=3989127231409994&tmod=252036428&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Frame ID: 21B4B64DAD16AB2BE1F3AAD205B35E1B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=280&adk=2238285969&adf=2522502942&pi=t.aa~a.469292974~i.16~rp.1&w=551&fwrn=4&fwrnh=100&lmt=1706135986&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9553686225&ad_type=text_image&format=551x280&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&fwr=0&pra=3&rh=138&rw=551&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1706135986606&bpp=1&bdt=2676&idt=1&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280&nras=3&correlator=8689844020243&frm=20&pv=1&ga_vid=1872308815.1706135985&ga_sid=1706135985&ga_hid=973648987&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=193&ady=1577&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080588%2C31080643%2C95320889%2C95321627%2C95322164&oid=2&pvsid=3989127231409994&tmod=252036428&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=18
Frame ID: 65248962C3D0D88379834A0A799D7716
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706135986&rafmt=1&to=qs&pwprc=9553686225&format=1200x90&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706135986638&bpp=1&bdt=2709&idt=1&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280%2C551x280&nras=4&correlator=8689844020243&frm=20&pv=1&ga_vid=1872308815.1706135985&ga_sid=1706135985&ga_hid=973648987&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080588%2C31080643%2C95320889%2C95321627%2C95322164&oid=2&pvsid=3989127231409994&tmod=252036428&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9
Frame ID: 1B3D700F82BC1B7C69508C5D89709DF1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E94E50939A87C19DBB75937F315FB3F8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
Frame ID: 22236371F9FB9A51DF906614384EC506
Requests: 30 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Frame ID: 024E7D52ABFC82A2FF30AA63D9F15BAC
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7C4BF64CC3EA55B9808529F95403224E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 2CB59C96E40FB115631AC00D2AAEEA69
Requests: 33 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C22D142344AC916B4B3B8CDE618EC15E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0AF7BCA89321E9F6DC7DD5724F56CA36
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: 5AAFB834F859223A90B4F10EA27ED003
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 019E548D3E835C0E8C58A089BF4AE80E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 4236813A54A8C1BBB06980E201D139ED
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 04CC910C7CFB49595410ABFCE1783092
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 188EA193227D9DEB3D32B1D960F2A0A6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Орден Паладинов

Page URL History Show full URLs

http://paladiny.ru/ HTTP 302
http://www.paladiny.ru/index.dwar.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

258
Requests

57 %
HTTPS

24 %
IPv6

52
Domains

78
Subdomains

45
IPs

7
Countries

7108 kB
Transfer

9973 kB
Size

115
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: http://paladiny.ru/go/?http://w1.dwar.ru/info/forum/
Title: Прайм

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://w2.dwar.ru/info/forum/
Title: Минор

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://dwar.ru/user_info.php?nick=Mahpella

Search URL Search Domain Scan URL

URL: http://angelscity.combats.com/inf.pl?login=Kaetanna

Search URL Search Domain Scan URL

URL: http://angelscity.combats.com/inf.pl?login=k_arina

Search URL Search Domain Scan URL

URL: http://angelscity.combats.com/inf.pl?login=ROMASKA

Search URL Search Domain Scan URL

URL: http://capitalcity.combats.com/inf.pl?login=%F7%E8%ED%EE%E2%ED%E8%EA

Search URL Search Domain Scan URL

URL: http://sandcity.combats.com/inf.pl?login=%DF%F0%E8%EB%EE%20%C4%F0%E5%E2%ED%E8%E9

Search URL Search Domain Scan URL

URL: http://sandcity.combats.com/inf.pl?login=%F8%F3%EC%E5%EB%EA%E0-%EC%FB%F8%FC

Search URL Search Domain Scan URL

URL: http://w2.riot.mail.ru/
Title: RIOT

Search URL Search Domain Scan URL

URL: http://w1.riot.mail.ru/riot/userview.html?nick=Jetkokos

Search URL Search Domain Scan URL

URL: http://dwar.ru/user_info.php?nick=null

Search URL Search Domain Scan URL

URL: http://dwar.ru/user_info.php?nick=http://w1.riot.mail.ru/riot/userview.html?nick=Draconia

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=8002

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=8017

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=8022

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=8007

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=8012

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=8027

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=8001

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=7894

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=7898

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=7896

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=7893

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=7897

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.paladiny.ru/go?http://w1.dwar.ru/artifact_info.php?artikul_id=7895

Search URL Search Domain Scan URL

URL: https://top100.rambler.ru/home?id=1449916

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paladiny.ru/ HTTP 302
http://www.paladiny.ru/index.dwar.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

http://www.paladiny.ru/go?http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif HTTP 301
http://www.paladiny.ru/go/?http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif HTTP 302
http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif

Request Chain 31

http://www.paladiny.ru/go?http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif HTTP 301
http://www.paladiny.ru/go/?http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif HTTP 302
http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif

Request Chain 32

http://www.paladiny.ru/go?http://w2.dwar.ru/info/images/mailru.gif HTTP 301
http://www.paladiny.ru/go/?http://w2.dwar.ru/info/images/mailru.gif HTTP 302
http://w2.dwar.ru/info/images/mailru.gif

Request Chain 33

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg HTTP 301
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg HTTP 302
http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg

Request Chain 34

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg HTTP 301
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg HTTP 302
http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg

Request Chain 35

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg HTTP 301
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg HTTP 302
http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg

Request Chain 36

http://www.paladiny.ru/go?http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif HTTP 301
http://www.paladiny.ru/go/?http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif HTTP 302
http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif

Request Chain 37

http://www.paladiny.ru/go?http://dwar.ru/images/data/artifacts/44064_end_up_book.gif HTTP 301
http://www.paladiny.ru/go/?http://dwar.ru/images/data/artifacts/44064_end_up_book.gif HTTP 302
http://dwar.ru/images/data/artifacts/44064_end_up_book.gif

Request Chain 38

http://www.paladiny.ru/go?http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif HTTP 301
http://www.paladiny.ru/go/?http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif HTTP 302
http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif

Request Chain 39

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg HTTP 301
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg HTTP 302
http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg

Request Chain 42

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg HTTP 301
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg HTTP 302
http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg

Request Chain 46

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg HTTP 301
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg HTTP 302
http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg

Request Chain 51

http://counter.rambler.ru/top100.jcn?1449916 HTTP 307
https://counter.rambler.ru/top100.jcn?1449916

Request Chain 75

http://d4.c1.b4.a1.top.list.ru/counter?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.34411730629212856 HTTP 302
https://top-fwz1.mail.ru/counter?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.34411730629212856;ver=30 HTTP 302
https://top-fwz1.mail.ru/counter2?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.34411730629212856;ver=30

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOefuDp4R6g1ta8ZOyMV_Y&google_cver=1

Request Chain 90

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbGRslXZy2R5OSgZR8hWRAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOefuDp4R6g1ta8ZOyMV_Y&google_cver=1

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFVpk2VY0wn9b8tLjR_H4G4&google_cver=1

Request Chain 92

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3ODg3NzA2NzM5ODYwODk5OQ%3D%3D

Request Chain 147

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=2203420AB391B165CD026E6002DC514D

Request Chain 148

https://px.adhigh.net/p/cm/sape?u=0A00007FB291B1659E00F3B20269D48E HTTP 302
https://px.adhigh.net/p/cm/sape?u=0A00007FB291B1659E00F3B20269D48E&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=u6o2eEf63qfc.AikABlGNPaElKQ HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14 HTTP 302
https://acint.net/match?dp=14&euid=1A03420AB391B165D8028A3402077B1A

Request Chain 149

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5516762490 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=APv0aNkioNPJG6TJvDEk1Ug&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fssp.adriver.ru%252Fcgi-bin%252Fsync.cgi%253Fssp_id%253D43%2526external_id%253D%2524%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=1A03420AB391B165D8028A3402077B1A&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A00007FB291B1659E00F3B20269D48E

Request Chain 154

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://www.acint.net/match?dp=71&euid=45f2770a-e408-4cc4-9092-5358528c8501 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14 HTTP 302
https://acint.net/match?dp=14&euid=1A03420AB391B165D8028A3402077B1A

Request Chain 155

https://s.ccsyncuuid.net/match/5/?remote_uid=0A00007FB291B1659E00F3B20269D48E HTTP 302
https://acint.net/match?dp=80&euid=ZVhCzQlzCP31Rn6maF2x HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14 HTTP 302
https://acint.net/match?dp=14&euid=1A03420AB391B165D8028A3402077B1A

Request Chain 157

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=ATTWSOTG

Request Chain 158

https://sync.adspend.space/sape?uid=0A00007FB291B1659E00F3B20269D48E HTTP 302
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D79fcf056-37bd-475b-a157-3b2bb578f8f4 HTTP 302
https://www.acint.net/match?dp=98&euid=79fcf056-37bd-475b-a157-3b2bb578f8f4

Request Chain 159

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=7aM9XKHP2GgV

Request Chain 160

https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0A00007FB291B1659E00F3B20269D48E&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0A00007FB291B1659E00F3B20269D48E&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1&rts=6575482596362379046 HTTP 302
https://acint.net/match?dp=107&euid=72ddb1c2-2157-5319-8933-1392ec828221

Request Chain 161

https://ads.adlook.me/csync?pid=sape&uid=0A00007FB291B1659E00F3B20269D48E&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=cc7d8fc4e4aa437a97f0713506632386

Request Chain 162

https://sm.rtb.mts.ru/p?ssp=sape&id=0A00007FB291B1659E00F3B20269D48E HTTP 301
https://vma.mts.ru/match/second?ssp=30&exu=0A00007FB291B1659E00F3B20269D48E HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=73cad835-3259-4e6a-b51e-b3eaa452c2a3&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D30%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID HTTP 302
https://vma.mts.ru/em?next=30&em=2&ssp=aidata&id=d9aZtlRGCYuxmS639VJkWA HTTP 301
https://www.acint.net/match?dp=125&euid=73cad835-3259-4e6a-b51e-b3eaa452c2a3

Request Chain 163

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=4a31dfa2-8979-4353-58f3-11b3c16cba0d

Request Chain 164

https://s.uuidksinc.net/match/396/?remote_uid=0A00007FB291B1659E00F3B20269D48E HTTP 302
https://www.acint.net/match?dp=127&euid=RlSI1Q0E0si7yJdUEveE

Request Chain 165

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=u6n0pq7zcn

Request Chain 167

https://x01.aidata.io/0.gif?pid=9401454&id=0A00007FB291B1659E00F3B20269D48E HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0A00007FB291B1659E00F3B20269D48E&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 168

https://sync.gonet-ads.com/match/sape.js?id=0A00007FB291B1659E00F3B20269D48E HTTP 302
https://sync.gonet-ads.com/match/sape.js?id=0A00007FB291B1659E00F3B20269D48E&chk=1

Request Chain 169

https://sync.bumlam.com/?src=sap1&uid=0A00007FB291B1659E00F3B20269D48E HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARi1o8atBmIgMEEwMDAwN0ZCMjkxQjE2NTlFMDBGM0IyMDI2OUQ0OEWiARB7MF0kuwkR7ruxACWQyCQ2

Request Chain 170

https://pix.bumlam.com/sync/sape/check?sspuid=0A00007FB291B1659E00F3B20269D48E HTTP 302
https://sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/sync_ok?guid=7b305d24-bb09-11ee-bbb1-002590c82436 HTTP 302
https://7b305d24-bb09-11ee-bbb1-002590c82436.n5.sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/done

Request Chain 172

https://nr.bidderstack.com/sape/cm?user_id=0A00007FB291B1659E00F3B20269D48E HTTP 302
https://nr.bidderstack.com/sape/cm?user_id=0A00007FB291B1659E00F3B20269D48E&pupa=1

Request Chain 173

https://cs.agency2.ru/p?ssp=sp&uid=0A00007FB291B1659E00F3B20269D48E HTTP 301
https://www.acint.net/match?dp=186&euid=0ca9033f-1f43-42f2-a626-cd709655eaba

Request Chain 174

https://match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP 302
https://www.acint.net/match?dp=217&euid=f0e2d0a4-e49d-45fc-ae9c-b610709fb6d5

Request Chain 177

https://adx.com.ru/sape-sync?uid=0A00007FB291B1659E00F3B20269D48E HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=0A00007FB291B1659E00F3B20269D48E HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65b191b5a897d80001f5c578%2526r%253D%26webouid%3D{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65b191b5a897d80001f5c578%2526r%253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=3040039074 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65b191b5a897d80001f5c578%26r%3D&webouid=9yqIq6YADv1fdOrj57fLZ.

Request Chain 178

https://kimberlite.io/rtb/sync/sape2?u=0A00007FB291B1659E00F3B20269D48E HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZbGRtWqlG3s HTTP 301
https://vma.mts.ru/match/second?ssp=59&exu=ZbGRtWqlG3s HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=73cad835-3259-4e6a-b51e-b3eaa452c2a3&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
https://vma.mts.ru/em?next=59&em=1&ssp=konnektu&id= HTTP 301
https://kimberlite.io/rtb/sync/mts?u=73cad835-3259-4e6a-b51e-b3eaa452c2a3 HTTP 307
https://www.acint.net/match?dp=243&euid=ZbGRtWqlG3s

Request Chain 179

https://sync.dsp.solta.io/match/sape?id=0A00007FB291B1659E00F3B20269D48E HTTP 302
https://sync.dsp.solta.io/match/sape?id=0A00007FB291B1659E00F3B20269D48E&chk=1 HTTP 302
https://www.acint.net/match?dp=260&euid=MTZlMzM4NmI1YzQ4MmFjNw

Request Chain 182

https://ssp.afp.ai/api/sync/sape HTTP 302
https://www.acint.net/match?dp=261&euid=31cad855-2a71-4ef3-8280-e84eea0cf51a

Request Chain 197

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 222

https://gcdn.2mdn.net/videoplayback/id/7257b5c3ff439ecb/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3834658814/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/83B0B1207F6ED69952D4EE0E7A5E8162DEC910DB.3D33517B3F7E66230A71F6E62D42DA574D837C0D/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-q4fl6n6r.c.2mdn.net/videoplayback/id/7257b5c3ff439ecb/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3834658814/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5EF24A9A3870A6C899725B7E93AA928BC5A0D0FB.0387C069DFB7A161F6BBF379AED2AFC26B3D0E2C/key/cms1/cms_redirect/yes/mh/zk/mip/2001:550:1d05:1::4/mm/42/mn/sn-q4fl6n6r/ms/onc/mt/1706135566/mv/m/mvi/3/pl/48/file/file.mp4

Request Chain 226

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10258.PXiUfo0RVx4LfVgB8M6IEa4_XoYt2RpGSTLY7bPcyuX1oH39mDrnwyQ1VOaaEANh.xvucDZzPHJICtbOINX_xVugL7sQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10258.HGn5Rc9d3r2bMgsCOPDkfTOjRYkDvtWFutNEYM7nj0e15IgbLFnyt-x6PhxSxjYphxRCVKQe5Xfes4U-YTwUbdGLcgIIV42oc6emNaVo8_kCVMy-tDvn5PzLbnZtR2pXDXe1DAQ8gaqMBnGlFaLlOyK-jA1LM9t7uUB2JPxKsqHGw-Fkrwq0hv_zDHl0Uas5vCi3dvsl7mSQKE--JB-HFoyQbd9dFcns7BjFpbd1lxo%2C.5M7FRDCE3dD8bVrmMKWm2QVFuz4%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10258.KbWWquiE2eYuh73xCHdc5mQyky4pM0BfGX65vj59ekM6rGCVTdm_A-onSJAtGcbc-7oA5VHlAScra4k3nu1E-fO1K_OgTodn7_M27iqaM820U3uxftwVdoW1zETLyCBkxS9GXw5OT0AOYpg1XIGN4Xet7rT2g9i0d_lKUhH41eh-8RZR9lYjnWxSRL11_8vuHTz9XPTuNRvX8YDksyEDtw%2C%2C.9nfOQyKt-xTIiIp64e0bMuRuP7w%2C

Request Chain 234

https://mc.yandex.com/watch/91568614?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2265b191b1-f3f7-d0qg-unds-7i403aph66hy%22%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1211%3Acn%3A2%3Adp%3A0%3Als%3A1154240366434%3Ahid%3A668940914%3Az%3A-600%3Ai%3A20240124123947%3Aet%3A1706135988%3Ac%3A1%3Arn%3A655998596%3Arqn%3A1%3Au%3A1706135988534965636%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A254%2C139%2C318%2C278%2C869%2C0%2C%2C1750%2C25%2C%2C%2C%2C3608%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706135982346%3Afp%3A2062%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706135989%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr(14%2C14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/91568614/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2265b191b1-f3f7-d0qg-unds-7i403aph66hy%22%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1211%3Acn%3A2%3Adp%3A0%3Als%3A1154240366434%3Ahid%3A668940914%3Az%3A-600%3Ai%3A20240124123947%3Aet%3A1706135988%3Ac%3A1%3Arn%3A655998596%3Arqn%3A1%3Au%3A1706135988534965636%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A254%2C139%2C318%2C278%2C869%2C0%2C%2C1750%2C25%2C%2C%2C%2C3608%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706135982346%3Afp%3A2062%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706135989%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 235

https://mc.yandex.com/watch/71281900?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A659436714695%3Ahid%3A668940914%3Az%3A-600%3Ai%3A20240124123947%3Aet%3A1706135988%3Ac%3A1%3Arn%3A852772063%3Arqn%3A1%3Au%3A1706135988534965636%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A254%2C139%2C318%2C278%2C869%2C0%2C%2C1750%2C25%2C%2C%2C%2C3608%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706135982346%3Afp%3A2062%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706135989%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A659436714695%3Ahid%3A668940914%3Az%3A-600%3Ai%3A20240124123947%3Aet%3A1706135988%3Ac%3A1%3Arn%3A852772063%3Arqn%3A1%3Au%3A1706135988534965636%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A254%2C139%2C318%2C278%2C869%2C0%2C%2C1750%2C25%2C%2C%2C%2C3608%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706135982346%3Afp%3A2062%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706135989%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 240

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP651wIQprvuAhjvjNTxASABMAE&v=APEucNXTK9dYnE8Sm1cdf8q1OKfD_tTjMJoezo9plKWzf9a318AV2ndNrbHdfEY5Azysni0O4_DKn8yuaNHF1hH4GcNPcXygKAn49vZ5hixkIpYzj9QHdJM HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbGRslXZy2R5OSgZR8hWRAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOefuDp4R6g1ta8ZOyMV_Y&google_cver=1

Request Chain 247

https://dmg.digitaltarget.ru/1/1093/i/i?i=116251824981742.481683917085948&a=77&e=0A00007FB291B1659E00F3B20269D48E&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0A00007FB291B1659E00F3B20269D48E.sync:up.xdua:duEbXYzTDgwZEi_cHMXMRpoF.xps:xpsTqFTOpZWnpZGWrlBqP91i4.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1706135990843&i=116251824981742.481683917085948&a=77&e=0A00007FB291B1659E00F3B20269D48E&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0A00007FB291B1659E00F3B20269D48E.sync:up.xdua:duEbXYzTDgwZEi_cHMXMRpoF.xps:xpsTqFTOpZWnpZGWrlBqP91i4.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=BSSjZai9676COO775dp7

Request Chain 248

https://dmg.digitaltarget.ru/1/1093/i/i?i=116251824981742.432250919526759&a=77&e=0A00007FB291B1659E00F3B20269D48E&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0A00007FB291B1659E00F3B20269D48E.sync:up.xdua:duEbXYzTDgwZEi_cHMXMRpoF.xps:xpsTqFTOpZWnpZGWrlBqP91i4.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1706135990854&i=116251824981742.432250919526759&a=77&e=0A00007FB291B1659E00F3B20269D48E&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0A00007FB291B1659E00F3B20269D48E.sync:up.xdua:duEbXYzTDgwZEi_cHMXMRpoF.xps:xpsTqFTOpZWnpZGWrlBqP91i4.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=P4AxTJn9YZGmcav7AsZ4

258 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.dwar.php Show response
www.paladiny.ru/
Redirect Chain

http://paladiny.ru/
http://www.paladiny.ru/index.dwar.php

60 KB
15 KB

711ms
318ms

Document
text/html

146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 9161a5a0823acd003042976f05fc26bed4039c2e9e1977dd7b358634df4a6c24

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 15264
Content-Type: text/html; charset=CP1251
Date: Wed, 24 Jan 2024 22:39:43 GMT
Server: nginx/1.9.2
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.29-1~dotdeb.0

Redirect headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 20
Content-Type: text/html; charset=CP1251
Date: Wed, 24 Jan 2024 22:39:43 GMT
Location: http://www.paladiny.ru/index.dwar.php
Server: nginx/1.9.2
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.29-1~dotdeb.0

GET
H/1.1 200
OK main.css
www.paladiny.ru/js/ 8 KB
8 KB 276ms
137ms Stylesheet
text/css 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paladiny.ru/js/main.css
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 36d71a4322b43e8bc7f079e0e9ff676e97ac8af955332e30de9d513e0ca8b861

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:32:27 GMT
Server: nginx/1.9.2
ETag: "4865080b-1e84"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7812

GET
H/1.1 200
OK logo.jpg
www.paladiny.ru/pics/ 23 KB
23 KB 285ms
140ms Image
image/jpeg 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/logo.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: da3aac110278116dac2ac2359465f8c511d12cee712ca74e828350e891c92846

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:18 GMT
Server: nginx/1.9.2
ETag: "4865087a-5ac8"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23240

GET
H/1.1 200
OK pob.gif
www.paladiny.ru/pics/ 1 KB
1 KB 286ms
141ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/pob.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: d251101f3039f702bd870b1e4ae92addc42f895f3f9699f0d1341aaed075c47f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:22 GMT
Server: nginx/1.9.2
ETag: "4865087e-4eb"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1259

GET
H/1.1 200
OK tmbg.gif
www.paladiny.ru/pics/ 148 B
384 B 144ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/tmbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 487238b9c9c6d7ade7161ece3909d28315189cddd05644fd918b5b7dc40b0929

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:40:23 GMT
Server: nginx/1.9.2
ETag: "486509e7-94"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 148

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
54 KB 160ms
96ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

HTTP/1.1

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c71ec8ac9aadefb1dc21c1b3048b6d8f2640804536f6a7acd11b2a2b4c9939fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54343
X-XSS-Protection: 0
Server: cafe
ETag: 2042683414502233369
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires: Wed, 24 Jan 2024 22:39:44 GMT

GET
H/1.1 200
OK spacer.gif
www.paladiny.ru/pics/ 43 B
278 B 151ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/spacer.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 74e51ad76a9c144a79ddce4488618495769b9c3af5b6ff4651315545850ae3a2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:40:21 GMT
Server: nginx/1.9.2
ETag: "486509e5-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H/1.1 200
OK lmli.gif
www.paladiny.ru/pics/ 104 B
340 B 2603ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmli.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 46612b2c33d8502a26bef927b364c85ba1bd5e8c9491bb9c369ec9d8900682ba

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:46 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:16 GMT
Server: nginx/1.9.2
ETag: "48650878-68"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104

GET
H/1.1 200
OK lmenurt.gif
www.paladiny.ru/pics/ 281 B
518 B 2690ms
143ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmenurt.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: e2ed7d372b4df9b6132f8bc5ee9534994a37790e9f8612c89de3131ac0a3ee76

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:46 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:16 GMT
Server: nginx/1.9.2
ETag: "48650878-119"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 281

GET
H/1.1 200
OK txttbg.gif
www.paladiny.ru/pics/ 1 KB
1 KB 394ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/txttbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: cfdbae1c302cf3e3cf68a0b9a049503fbec2165e1ee9b783bc67b7c4deb657c7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:40:24 GMT
Server: nginx/1.9.2
ETag: "486509e8-453"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1107

GET
H/1.1 200
OK dwar.gif
www.paladiny.ru/pics/cities/verysmall/ 1 KB
1 KB 522ms
137ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/cities/verysmall/dwar.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 82a243f1185d308e2b5425cb7870d71365d75c741f0bd146be301110ca1bb471

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:01 GMT
Server: nginx/1.9.2
ETag: "48650869-40c"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1036

GET
H/1.1 200
OK player_info.gif
www.paladiny.ru/images/ 122 B
358 B 140ms
140ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/player_info.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 11011bbf0d3cb26e0fceafca878f9b4c4f2e6f8c9c3a16ac3596bf728a9e13aa

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:39 GMT
Server: nginx/1.9.2
ETag: "4865079f-7a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122

GET
H/1.1 200
OK 8833478.gif
www.paladiny.ru/images/data/clans/ 547 B
784 B 833ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/data/clans/8833478.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: cec8daa3247004d679962186c0e4ab619a2e2e268be83a9f0e30a63941fed980

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:45 GMT
Last-Modified: Fri, 27 Jun 2008 15:20:47 GMT
Server: nginx/1.9.2
ETag: "4865054f-223"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 547

GET
H/1.1 200
OK 5501173.gif
www.paladiny.ru/images/data/clans/ 570 B
807 B 1340ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/data/clans/5501173.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 467da83dd32db97c82e624d9023508f35a223e803d50551c6aa8efe5600f44f9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:45 GMT
Last-Modified: Mon, 09 Feb 2009 12:35:51 GMT
Server: nginx/1.9.2
ETag: "49902327-23a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 570

GET
H/1.1 200
OK victory.gif
www.paladiny.ru/pics/smiles/2/ 3 KB
3 KB 139ms
137ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/smiles/2/victory.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 6b9159f40e567f25875eea66a419bac05adb855287a6a5ea89db394abbc3c12e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:36:49 GMT
Server: nginx/1.9.2
ETag: "48650911-a01"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2561

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 2 KB
2 KB 2494ms
499ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fpaladiny.ru%2Fpics%2Fbuttons%2FRU%2Fupdate_8.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: c664d5978cf581aed82573b3aa67871eafed5cbab4a9fa2b606d24d0fb849aee

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:46 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 1911
Expires: Wed, 24 Jan 2024 22:39:46 GMT

GET
H/1.1 200
OK inf.gif
www.paladiny.ru/images/dwar/ 122 B
358 B 1233ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/dwar/inf.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 11011bbf0d3cb26e0fceafca878f9b4c4f2e6f8c9c3a16ac3596bf728a9e13aa

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:45 GMT
Last-Modified: Fri, 27 Jun 2008 15:20:50 GMT
Server: nginx/1.9.2
ETag: "48650552-7a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 2 KB
2 KB 1295ms
499ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fpaladiny.ru%2Fpics%2Fbuttons%2FRU%2Fupdate_5.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 8c1e06daa0635ddc986efacf5d8d75e0bd042630b25ff3ff89a016eea620d5fe

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:45 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 1922
Expires: Wed, 24 Jan 2024 22:39:45 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 1994ms
599ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2Fqst_osk_vozd_1.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 6928d950213d68037a85890346f61be7cac1532a37a3ff788bb2c2bfc9aefe2b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:46 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3070
Expires: Wed, 24 Jan 2024 22:39:46 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 1701ms
406ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2Fqst_osk_voda_1.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: d4dc068700802f1a3ff3f640e249a537e3c10deefd2fd33fb614bc1c5f022f8c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:46 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3040
Expires: Wed, 24 Jan 2024 22:39:46 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 2394ms
499ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2Fqst_osk_svet_1.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 9c98d0d06e9875cb3b2b2550bd6bf077c4a30952e60d20e72ca59c6df4627d1a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:46 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 2946
Expires: Wed, 24 Jan 2024 22:39:46 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 995ms
500ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2Fqst_osk_ogon_1.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 664cd053448edad7c51b1a5e024c9ae8b9f727593d023864b99d9b909ed48c2c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:45 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 2921
Expires: Wed, 24 Jan 2024 22:39:45 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 2303ms
508ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2Fqst_osk_zem_1.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 4227347d816335bc568470d0c065ce379f906fca2214f5b210d6ac32f0f1cf81

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:46 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3121
Expires: Wed, 24 Jan 2024 22:39:46 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 895ms
404ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2Fqst_osk_ten_1.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 07bcf6f000a5d0e894101001323f067a0132fe8c065218e55a54b4c44b892632

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:45 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3057
Expires: Wed, 24 Jan 2024 22:39:45 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
4 KB 1495ms
599ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2Fqst_oprava_stix.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 4909f41909ddc2270c51040c1b2548c64696cb652fa9348221b3cf52c38df337

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:45 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3380
Expires: Wed, 24 Jan 2024 22:39:45 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 2094ms
599ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2F50867_am_vozduh.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: b8799aee68c4e47eaebfb86799362bd4dd73a199d661a0d6838d3e83cacbdec4

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:46 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3298
Expires: Wed, 24 Jan 2024 22:39:46 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 596ms
234ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2F50867_am_voda.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: aad4d0b19ec249e3b35d8a085b29ed2e9b84388e511ea5dbb31df9e1d1a18ae6

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:44 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3184
Expires: Wed, 24 Jan 2024 22:39:44 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
4 KB 1894ms
519ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2F50867_am_svet.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 6c7bd67d4e974ad78e9c8f024603ef0c1bd0ae2f5d8b1fe68e058be32a748bdc

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:46 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3362
Expires: Wed, 24 Jan 2024 22:39:46 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 1196ms
599ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2F50867_am_ogon.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 2611916f938882a3b2abbffb2ca0af48b22dbdb42bac519fe4c5962f7715ecdf

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:45 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3201
Expires: Wed, 24 Jan 2024 22:39:45 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 2194ms
491ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2F50867_am_zeml.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 692050722f9a8d3f195948f6f6611f678ca177e029da1d1c3138fd04a2d19d05

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:46 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3302
Expires: Wed, 24 Jan 2024 22:39:46 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 1794ms
453ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fdwar.ru%2Fimages%2Fdata%2Fartifacts%2F50867_am_ten.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: e21dd1f07b60c27a6658e8d07e62973b6efeb112eb512741d58fe5fa72a301d7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:46 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3231
Expires: Wed, 24 Jan 2024 22:39:46 GMT

GET
H/1.1

200
OK

240809_runa_fev.gif
w2.dwar.ru/images/data/artifacts/
Redirect Chain

http://www.paladiny.ru/go?http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif
http://www.paladiny.ru/go/?http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif
http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif

5 KB
5 KB

997ms
395ms

Image
image/gif

178.22.89.12
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 178.22.89.12 Moscow, Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: dragon63.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: 84c778ec8e53f897b7ed92b2e556a04229ffdcfc65a53c42d7fb2654d359c83b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:48 GMT
Last-Modified: Tue, 13 Apr 2010 07:03:25 GMT
Server: nginx/1.17.4
ETag: "4bc4173d-1246"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4678
Expires: Wed, 31 Jan 2024 22:39:48 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:47 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w2.dwar.ru/images/data/artifacts/240809_runa_fev.gif
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

7937_fev_blue.gif
w2.dwar.ru/images/data/artifacts/
Redirect Chain

http://www.paladiny.ru/go?http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif
http://www.paladiny.ru/go/?http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif
http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif

5 KB
5 KB

1021ms
394ms

Image
image/gif

178.22.89.12
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 178.22.89.12 Moscow, Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: dragon63.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: d9a646084d08615946bbce7d4b06dfe8e6bed44733e42aaf03cd3e564a6a4b7c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:48 GMT
Last-Modified: Thu, 29 Apr 2010 13:39:08 GMT
Server: nginx/1.17.4
ETag: "4bd98bfc-1245"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4677
Expires: Wed, 31 Jan 2024 22:39:48 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:47 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w2.dwar.ru/images/data/artifacts/7937_fev_blue.gif
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

mailru.gif
w2.dwar.ru/info/images/
Redirect Chain

http://www.paladiny.ru/go?http://w2.dwar.ru/info/images/mailru.gif
http://www.paladiny.ru/go/?http://w2.dwar.ru/info/images/mailru.gif
http://w2.dwar.ru/info/images/mailru.gif

3 KB
3 KB

1124ms
357ms

Image
image/gif

178.22.89.12
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w2.dwar.ru/info/images/mailru.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 178.22.89.12 Moscow, Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: dragon63.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: d76a1715a5e2fd386a0fa2eeb08818d38eb8069a689f5e3d78b93f6dd8b0f060

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:48 GMT
Last-Modified: Mon, 21 Dec 2009 13:00:02 GMT
Server: nginx/1.17.4
ETag: "10009083190-a8a-47b3caae17880"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2698
Expires: Wed, 31 Jan 2024 22:39:48 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:46 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w2.dwar.ru/info/images/mailru.gif
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

40369_3_18_ezdovoj_volk2.jpg
w1.dwar.ru/images/data/bots/
Redirect Chain

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg
http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg

119 KB
119 KB

755ms
358ms

Image
image/jpeg

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: a9545d5aaaffeaa1d0c5e92529a2e1b3ac276c1ab9f2201e5a4d6aecf31d662b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:48 GMT
Last-Modified: Fri, 21 May 2010 13:01:22 GMT
Server: nginx/1.17.4
ETag: "4bf68422-1db25"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 121637
Expires: Wed, 31 Jan 2024 22:39:48 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:47 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w1.dwar.ru/images/data/bots/40369_3_18_ezdovoj_volk2.jpg
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

40371_0_18_nosorog2.jpg
w1.dwar.ru/images/data/bots/
Redirect Chain

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg
http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg

128 KB
129 KB

672ms
361ms

Image
image/jpeg

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: fd4424b11c227abdf21fecb2be1ba5d1ce2ebbe9018378a40ea62c062401cf04

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:48 GMT
Last-Modified: Fri, 21 May 2010 08:41:28 GMT
Server: nginx/1.17.4
ETag: "4bf64738-2012c"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 131372
Expires: Wed, 31 Jan 2024 22:39:48 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:47 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w1.dwar.ru/images/data/bots/40371_0_18_nosorog2.jpg
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

40374_3_18_pantera2.jpg
w1.dwar.ru/images/data/bots/
Redirect Chain

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg
http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg

109 KB
109 KB

541ms
360ms

Image
image/jpeg

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: 18863edc17d105efe80f3ca8d2833dcbac289e1de33d7bb2ecfb53a4a2136b11

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:48 GMT
Last-Modified: Thu, 13 May 2010 12:30:59 GMT
Server: nginx/1.17.4
ETag: "4bebf103-1b223"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111139
Expires: Wed, 31 Jan 2024 22:39:48 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:47 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w1.dwar.ru/images/data/bots/40374_3_18_pantera2.jpg
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

44064_grum_up_book.gif
dwar.ru/images/data/artifacts/
Redirect Chain

http://www.paladiny.ru/go?http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif
http://www.paladiny.ru/go/?http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif
http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif

3 KB
4 KB

1172ms
348ms

Image
image/gif

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: 9f20d1e58609e8d73a77c16bf2ff3a53b87439cfd537dff3bd344c86b400d760

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:49 GMT
Last-Modified: Tue, 18 May 2010 06:45:28 GMT
Server: nginx/1.17.4
ETag: "4bf23788-d13"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3347
Expires: Wed, 31 Jan 2024 22:39:49 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:48 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://dwar.ru/images/data/artifacts/44064_grum_up_book.gif
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

44064_end_up_book.gif
dwar.ru/images/data/artifacts/
Redirect Chain

http://www.paladiny.ru/go?http://dwar.ru/images/data/artifacts/44064_end_up_book.gif
http://www.paladiny.ru/go/?http://dwar.ru/images/data/artifacts/44064_end_up_book.gif
http://dwar.ru/images/data/artifacts/44064_end_up_book.gif

3 KB
4 KB

977ms
349ms

Image
image/gif

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dwar.ru/images/data/artifacts/44064_end_up_book.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: b4b64eb2181cf8894c2e85c0c757bdcd346d6274fc3b2a8a450abc9717c571ac

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:49 GMT
Last-Modified: Tue, 18 May 2010 06:45:17 GMT
Server: nginx/1.17.4
ETag: "4bf2377d-d0a"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3338
Expires: Wed, 31 Jan 2024 22:39:49 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:48 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://dwar.ru/images/data/artifacts/44064_end_up_book.gif
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

44064_shan_up_book.gif
dwar.ru/images/data/artifacts/
Redirect Chain

http://www.paladiny.ru/go?http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif
http://www.paladiny.ru/go/?http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif
http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif

3 KB
4 KB

1057ms
349ms

Image
image/gif

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: 6757a794295d7c879b85d298940e47ba17ba94d73399101b1eb90081f703783f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:49 GMT
Last-Modified: Tue, 18 May 2010 06:45:00 GMT
Server: nginx/1.17.4
ETag: "4bf2376c-d5e"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3422
Expires: Wed, 31 Jan 2024 22:39:49 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:48 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://dwar.ru/images/data/artifacts/44064_shan_up_book.gif
Connection: keep-alive
Content-Length: 20

GET
H/1.1

200
OK

stareyshina_human2.jpg
w1.dwar.ru/images/data/npcs/
Redirect Chain

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg
http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg

11 KB
11 KB

181ms
180ms

Image
image/jpeg

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: 0e5dd0968f7537aa57747c32f3a41751961bb82b27cee5d9562197c02db5324f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:50 GMT
Last-Modified: Thu, 14 Jun 2007 07:55:24 GMT
Server: nginx/1.17.4
ETag: "4670f46c-2a96"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10902
Expires: Wed, 31 Jan 2024 22:39:50 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:50 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w1.dwar.ru/images/data/npcs/stareyshina_human2.jpg
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK human.gif
www.paladiny.ru/images/dwar/ 1015 B
1 KB 140ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/dwar/human.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 213bb8cd33e8de49166a067eaa45fdd8b1649e3df576b4a1c43151e31c474fe4

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:49 GMT
Last-Modified: Fri, 27 Jun 2008 15:20:49 GMT
Server: nginx/1.9.2
ETag: "48650551-3f7"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1015

GET
H/1.1 200
OK magmar.gif
www.paladiny.ru/images/dwar/ 591 B
828 B 139ms
138ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/dwar/magmar.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: f930cf40c417e13546aac7229e5855de567565e4c2428bef6f7f9af21cb60d90

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:49 GMT
Last-Modified: Fri, 27 Jun 2008 15:20:51 GMT
Server: nginx/1.9.2
ETag: "48650553-24f"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 591

GET
H/1.1

200
OK

stareyshina_magmar.jpg
w1.dwar.ru/images/data/npcs/
Redirect Chain

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg
http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg

12 KB
12 KB

182ms
181ms

Image
image/jpeg

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: 9f2c57e3715b87f2abe5a04e67385cacb2a05d59ab1199a9913e5cd808f32f3b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:49 GMT
Last-Modified: Tue, 16 Oct 2007 13:08:49 GMT
Server: nginx/1.17.4
ETag: "4714b7e1-2e13"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11795
Expires: Wed, 31 Jan 2024 22:39:49 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:49 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w1.dwar.ru/images/data/npcs/stareyshina_magmar.jpg
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 198 KB
198 KB 316ms
314ms Image
image/png 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fw1.dwar.ru%2Finfo%2Fpictures%2Fimage%2Fguild_human.png
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: b6c3cc61662396e5e69e08cae9a8bf73a62ffe433545c0d1783a30ac5a761e6a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png
Date: Wed, 24 Jan 2024 22:39:49 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 202603
Expires: Wed, 24 Jan 2024 22:39:49 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 188 KB
189 KB 141ms
141ms Image
image/png 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fw1.dwar.ru%2Finfo%2Fpictures%2Fimage%2Fguild_magm.png
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 6400a39fde3f088e724fa23ed2713c7bddd7e040887f160a1f10879de799b07e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png
Date: Wed, 24 Jan 2024 22:39:49 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 193013
Expires: Wed, 24 Jan 2024 22:39:49 GMT

GET
H/1.1 200
OK 95.png
www.paladiny.ru/images/magic/clans/ 3 KB
4 KB 140ms
139ms Image
image/png 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/magic/clans/95.png
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 769bcb8ae106f95598a693f66f8798cf3b52047ab7b1b7ff53a9077d1564a711

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:49 GMT
Last-Modified: Thu, 08 Jul 2010 14:19:03 GMT
Server: nginx/1.9.2
ETag: "4c35de57-d6e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3438

GET
H/1.1

200
OK

vodolaz_170210.jpg
w1.dwar.ru/images/data/bots/
Redirect Chain

http://www.paladiny.ru/go?http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg
http://www.paladiny.ru/go/?http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg
http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg

101 KB
102 KB

182ms
181ms

Image
image/jpeg

188.93.63.157
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 188.93.63.157 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 188-93-63-157.ext.terrhq.ru
Software: nginx/1.17.4 /
Resource Hash: 0f883456ac7a160704cba073537061e2cc7cacffb5367ec79e9823ac37a25441

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:51 GMT
Last-Modified: Wed, 17 Feb 2010 13:00:57 GMT
Server: nginx/1.17.4
ETag: "4b7be889-195ce"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103886
Expires: Wed, 31 Jan 2024 22:39:51 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:51 GMT
Content-Encoding: gzip
Server: nginx/1.9.2
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Vary: Accept-Encoding
Content-Type: text/html; charset=CP1251
Location: http://w1.dwar.ru/images/data/bots/vodolaz_170210.jpg
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 12 KB
12 KB 150ms
150ms Image
image/jpeg 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fw1.dwar.ru%2Fimages%2Fdata%2Fnpcs%2FShearaNPC.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: b9d3550ec6290d4577c10314a6b5580fd0e7415bc9e3ad3dc7d439621b3d2c37

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/jpeg
Date: Wed, 24 Jan 2024 22:39:49 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 11917
Expires: Wed, 24 Jan 2024 22:39:49 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 94 B
317 B 240ms
238ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=5&I=glg_adm
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 20ff99e448fa1b08900e977609bd2a57537c99e7f190c1fc3549f778e1b5f879

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:50 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 94
Expires: Wed, 24 Jan 2024 22:39:50 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 4 KB
4 KB 323ms
323ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fw1.dwar.ru%2Fimages%2Fdata%2Fachievements%2Frep_gorodskaya2.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: e343b922783a7d473723eddf5276b370eac4f61f63aa09b4e9c675818619a5d5

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:50 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3623
Expires: Wed, 24 Jan 2024 22:39:50 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 3 KB
3 KB 182ms
181ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=0&I=http%3A%2F%2Fwww.paladiny.ru%2Fgo%3Fhttp%3A%2F%2Fw1.dwar.ru%2Fimages%2Fdata%2Fartifacts%2Fres_panc_dinihtis.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 1e97ec018a5a500f1b8046e66a18155ab2db29f2f63dad606a443b1196f83216

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:50 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 3223
Expires: Wed, 24 Jan 2024 22:39:50 GMT

GET
H2

200

top100.jcn Show response
counter.rambler.ru/
Redirect Chain

http://counter.rambler.ru/top100.jcn?1449916
https://counter.rambler.ru/top100.jcn?1449916

118 KB
119 KB

703ms
353ms

Script
application/javascript

81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.rambler.ru/top100.jcn?1449916
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: 35c05f5c905b9dcd33731994cee6d93c8421a0453385dac467cd835d5290b305

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: application/octet-stream, application/javascript
date: Wed, 24 Jan 2024 22:39:45 GMT
server: nginx
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

Redirect headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://counter.rambler.ru/top100.jcn?1449916
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 164

GET
H2 200 5291.js Show response
cdn-rtb.sape.ru/teasers/js/291/2/ 105 KB
44 KB 716ms
349ms Script
application/javascript 185.12.127.130
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/teasers/js/291/2/5291.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.12.127.130 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

Software

openresty /

Resource Hash

64cac79afa1f931b362ec56fdb352b0ab2c1f19a50b92185aa92171cc6d4d912

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:44 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 24 Jan 2024 21:57:50 GMT
server: openresty
x-amz-request-id: 17AD678883481EDC
etag: W/"824c8702578d327c029d940d90c6a954"
x-cache-status: HIT
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=3600
x-xss-protection: 1; mode=block
expires: Wed, 24 Jan 2024 23:39:44 GMT

GET
H/1.1 200
OK orden.gif
www.paladiny.ru/pics/ 734 B
971 B 139ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/orden.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: aba4852dfc7b5f2bafef02200c329f1cb1ae85786eb6c359efc8b05bc3b2e59f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:50 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:20 GMT
Server: nginx/1.9.2
ETag: "4865087c-2de"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 734

GET
H/1.1 200
OK dbg.gif
www.paladiny.ru/pics/ 1 KB
1 KB 530ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/dbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: ae1401ab4ddd9845a325bf809e93499c7d8bc0a52e8f032f206da67272aabcc0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:04 GMT
Server: nginx/1.9.2
ETag: "4865086c-447"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1095

GET
H/1.1 200
OK new.gif
www.paladiny.ru/images/ 3 KB
3 KB 140ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/new.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 0e10f07e21bdc3acceb8b6163bc8d6f749147a15abde39f6d65f5eae72d4e404

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:50 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:34 GMT
Server: nginx/1.9.2
ETag: "4865079a-a8a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2698

GET
H/1.1 200
OK apo_cvet.gif
www.paladiny.ru/images/img/klan/ 2 KB
2 KB 398ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/img/klan/apo_cvet.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 4e0f1cb81072fca61fa7f3bd64686888ed3b58e76940dc878de87f4ae51f5c64

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:31 GMT
Server: nginx/1.9.2
ETag: "48650797-6e5"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1765

GET
H/1.1 200
OK inf3.gif
www.paladiny.ru/images/img/ 76 B
311 B 402ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/img/inf3.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: d86f06fa78fa503f1cdf2c9de099f9e691871af0f4c05b10c2bc32399e4b8a48

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:29 GMT
Server: nginx/1.9.2
ETag: "48650795-4c"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 334 B
558 B 259ms
140ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=3&I=1.9_vet
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 57d71b72317038d6bba7a8d12bbcf44969a75ac2da004911f803e1010ef5c79c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:44 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 334
Expires: Wed, 24 Jan 2024 22:39:44 GMT

GET
H/1.1 200
OK inf0.gif
www.paladiny.ru/images/img/ 78 B
313 B 262ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/img/inf0.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 40ed9971456e7552b7bcc66b4a048f01579b9c058293947df3abf9e23ce7e34c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:27 GMT
Server: nginx/1.9.2
ETag: "48650793-4e"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 363 B
587 B 528ms
140ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=3&I=1.92_vet
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 10832e5bb99c670b86b3674ce3ff3982dc5819b970f36262ab117641835fea7f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:44 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 363
Expires: Wed, 24 Jan 2024 22:39:44 GMT

GET
H/1.1 200
OK topbg.gif
www.paladiny.ru/pics/ 2 KB
2 KB 384ms
137ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/topbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 9136d411ae25e3b6095f96a4dd7a8e6e88d42af73d49bf7f447a53cf494913dc

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:40:24 GMT
Server: nginx/1.9.2
ETag: "486509e8-911"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2321

GET
H/1.1 200
OK loginbg.jpg
www.paladiny.ru/pics/ 5 KB
5 KB 250ms
140ms Image
image/jpeg 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/loginbg.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: fd7bd8899129d916ffbfa0b67e14f6dde1fd46008f042ef00dfbd7dd99361511

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:16 GMT
Server: nginx/1.9.2
ETag: "48650878-137a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4986

GET
H/1.1 200
OK lmenubg.gif
www.paladiny.ru/pics/ 75 B
310 B 247ms
137ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmenubg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: f1533d88066cf986a9dd24c2ada9e9386cbdd29793e1448af235bac55a16dbb0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:14 GMT
Server: nginx/1.9.2
ETag: "48650876-4b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75

GET
H/1.1 200
OK lmenuhbg.gif
www.paladiny.ru/pics/ 3 KB
4 KB 391ms
140ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmenuhbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: a13fa404297bf52896c2e3ddda49891e7f23c268d43a1cf04a03a2b02e32ad54

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:14 GMT
Server: nginx/1.9.2
ETag: "48650876-d30"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3376

GET
H/1.1 200
OK lmenurbg.gif
www.paladiny.ru/pics/ 63 B
298 B 254ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmenurbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: df1c3706de99045e28932083d74815c3bc1330c57de9c861e5f4e5de88ae70e4

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:15 GMT
Server: nginx/1.9.2
ETag: "48650877-3f"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63

GET
H/1.1 200
OK blbg.gif
www.paladiny.ru/pics/ 562 B
799 B 250ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/blbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/js/main.css
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: c5da2474740f8762021661a2d791f5d348e1109d60b0b11c319bddb16d089836

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/js/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:44 GMT
Last-Modified: Fri, 27 Jun 2008 15:33:14 GMT
Server: nginx/1.9.2
ETag: "4865083a-232"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 562

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 334 B
558 B 2622ms
1487ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=3&I=1.6_vet
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 8412bce443ef6b3d9c4de58c77ea3571a92b2e5813c5d48712b8e3115d271105

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:46 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 334
Expires: Wed, 24 Jan 2024 22:39:46 GMT

GET
H/1.1 200
OK cache_image.php
www.paladiny.ru/ 334 B
558 B 795ms
425ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/cache_image.php?T=3&I=1.5_vet
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: 082213dd11b283471559bdd96f0d8e4d3271e4cf891bb043ff40d1214425e306

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 24 Jan 2024 22:39:45 GMT
Server: nginx/1.9.2
Connection: keep-alive
X-Powered-By: PHP/5.3.29-1~dotdeb.0
Content-Length: 334
Expires: Wed, 24 Jan 2024 22:39:45 GMT

GET
H/1.1 200
OK inf5.gif
www.paladiny.ru/images/img/ 78 B
313 B 1134ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/img/inf5.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 556f5f52b8aefd4caa5e44b22b6f5be1b9fa9a66cedd040244594ccbb3016479

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:45 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:30 GMT
Server: nginx/1.9.2
ETag: "48650796-4e"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78

GET
H/1.1 200
OK inf2.gif
www.paladiny.ru/images/img/ 76 B
311 B 1373ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/img/inf2.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 4352e17e29cc43306f11c9e6d6e652a9bdad95b7469dea705d85d31a38089bf9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:45 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:29 GMT
Server: nginx/1.9.2
ETag: "48650795-4c"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/ 403 KB
137 KB 261ms
121ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080643

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

284d9df9ba2df4f483cccce3976a6fb6d094a28009fa14e0fd0f591a3b16c6d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139753
x-xss-protection: 0
server: cafe
etag: 1493239948257871362
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 22:39:44 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 80F1 9 KB
5 KB 210ms
63ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 81414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 00:02:50 GMT
etag: 3890843268177463596
expires: Wed, 07 Feb 2024 00:02:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 12D5 110 KB
45 KB 1111ms
1110ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=600&slotname=1332047107&adk=1460880071&adf=2290519548&pi=t.ma~as.1332047107&w=160&lmt=1706135985&format=160x600&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&wgl=1&dt=1706135984681&bpp=4&bdt=752&idt=452&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&correlator=8689844020243&frm=20&pv=2&ga_vid=1872308815.1706135985&ga_sid=1706135985&ga_hid=973648987&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080588%2C31080643%2C95320889%2C95321627%2C95322164&oid=2&pvsid=3989127231409994&tmod=252036428&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=472

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080643

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

467df629965cb31a59773a22d0ca9d38b41142dbfcdcabfc8e4bc10b0885f6e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46012
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 22:39:46 GMT
expires: Wed, 24 Jan 2024 22:39:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 595 B
1 KB 212ms
195ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=1449916&session_id=649043103_1706135985935&session_number=1&session_event_number=1&version=3.15.2i&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.1449916.1932420993.1706135985933&adtech_uid=8c7cff44-9bad-4a47-95c2-a82bf2047bf3&adtech_uid_scope=paladiny.ru&fingerprint=pA8AAENKs1d2x1HGAaYVjwA%3D&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&request_id=1706135985.933-1246381785&event_id=580559859398907&meta=%7B%22title%22%3A%22%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%22600%22%7D&rn=840246172
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: 16a992224a960c618cc1c18e44a4b6301a665cad4039374421247a353bd9db75

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:46 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
server: nginx
x-srv: 0kraken-prod0002.ad.rambler.tech
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 595

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

http://d4.c1.b4.a1.top.list.ru/counter?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.34411730629212856
https://top-fwz1.mail.ru/counter?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.34411730629212856;ver=30
https://top-fwz1.mail.ru/counter2?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.34411730629212856;ver=30

572 B
1 KB

177ms
176ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.34411730629212856;ver=30

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

dcf1a524e28148460c60ba9e8ed9477b7f8ae2f536650bd883b48ec12aa853cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:47 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 572
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Wed, 24 Jan 2024 22:39:47 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.34411730629212856;ver=30
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK spacer.gif
www.paladiny.ru/pics/ 43 B
278 B 138ms
137ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/spacer.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 74e51ad76a9c144a79ddce4488618495769b9c3af5b6ff4651315545850ae3a2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:50 GMT
Last-Modified: Fri, 27 Jun 2008 15:40:21 GMT
Server: nginx/1.9.2
ETag: "486509e5-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H/1.1 200
OK dbg.gif
www.paladiny.ru/pics/ 1 KB
1 KB 139ms
139ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/dbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: ae1401ab4ddd9845a325bf809e93499c7d8bc0a52e8f032f206da67272aabcc0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/index.dwar.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:50 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:04 GMT
Server: nginx/1.9.2
ETag: "4865086c-447"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1095

GET
H2 200 aci.js Show response
www.acint.net/ 30 KB
9 KB 558ms
187ms Script
application/x-javascript 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/291/2/5291.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: d9453129c16b0215069d80e4b526c0546b259fae8d615e1b3aa775a8d76bac57

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:46 GMT
content-encoding: gzip
last-modified: Thu, 11 Jan 2024 07:27:20 GMT
server: openresty
etag: "659f9858-2238"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 8760
expires: Thu, 25 Jan 2024 10:39:46 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F40 312 KB
74 KB 481ms
477ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&adk=1812271804&adf=3025194257&lmt=1706135985&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&dt=1706135985954&bpp=8&bdt=2025&idt=9&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=8689844020243&frm=20&pv=1&ga_vid=1872308815.1706135985&ga_sid=1706135985&ga_hid=973648987&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080588%2C31080643%2C95320889%2C95321627%2C95322164&oid=2&pvsid=3989127231409994&tmod=252036428&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=23

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080643

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eebb322b3693f50b9728fec5f5722da542e92c419c8b96e552ee5e1acff0333a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 75322
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 22:39:46 GMT
expires: Wed, 24 Jan 2024 22:39:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12D5 42 B
173 B 98ms
97ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BAfsg0uVQMqF7W2aNhOMFL0l852fQJeR5sdvBNA8h-2MU5ftuC8ZyPeqzFDJtC6GLK2ntO3y9qCbh1KhSya2vlDVFG31zEIjtbe1mR0CsMCs2FsRg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=600&slotname=1332047107&adk=1460880071&adf=2290519548&pi=t.ma~as.1332047107&w=160&lmt=1706135985&format=160x600&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&wgl=1&dt=1706135984681&bpp=4&bdt=752&idt=452&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&correlator=8689844020243&frm=20&pv=2&ga_vid=1872308815.1706135985&ga_sid=1706135985&ga_hid=973648987&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080588%2C31080643%2C95320889%2C95321627%2C95322164&oid=2&pvsid=3989127231409994&tmod=252036428&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=472

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B03E 624 B
246 B 92ms
91ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhju34ngATAB&v=APEucNUaacmCG1VW6RZdfmTnkrAx98eEweLAyfly6iYdmv1LlgVbsE6W0aP5kgpDeMvW3hNXi_pkEHv51513PPigCIzpGr-fjw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=600&slotname=1332047107&adk=1460880071&adf=2290519548&pi=t.ma~as.1332047107&w=160&lmt=1706135985&format=160x600&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&wgl=1&dt=1706135984681&bpp=4&bdt=752&idt=452&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&correlator=8689844020243&frm=20&pv=2&ga_vid=1872308815.1706135985&ga_sid=1706135985&ga_hid=973648987&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080588%2C31080643%2C95320889%2C95321627%2C95322164&oid=2&pvsid=3989127231409994&tmod=252036428&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=472
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 22:39:46 GMT
expires: Wed, 24 Jan 2024 22:39:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 12D5 172 KB
61 KB 226ms
65ms Script
text/javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 20:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Jan 2024 20:44:48 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 12D5 8 KB
3 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 06:10:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 12D5 23 KB
9 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 06:10:37 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 12D5 41 KB
14 KB 227ms
74ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 534326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 18:14:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 12D5 3 KB
1 KB 280ms
132ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:54:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 12D5 20 KB
9 KB 215ms
67ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:54:38 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12D5 205 KB
65 KB 115ms
96ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 22:39:46 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B03E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOefuDp4R6g1ta8ZOyMV_Y&google_cver=1

43 B
335 B

83ms
83ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOefuDp4R6g1ta8ZOyMV_Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhju34ngATAB&v=APEucNUaacmCG1VW6RZdfmTnkrAx98eEweLAyfly6iYdmv1LlgVbsE6W0aP5kgpDeMvW3hNXi_pkEHv51513PPigCIzpGr-fjw
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AaYU1GVk8Y9toZihTAKfCi%2BRt8WKwxGxeTUBLLiH%2B3B7smQw5uwZQAQsRP3Gc0A9Kb931v1uzblx6qEfEl8VEvNfGbqk6GrS0XvMEtNiBnGkPoec9eqA6g7iQPusaE2kFmMXCSUxQeQYJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84abc63c8b332221-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOefuDp4R6g1ta8ZOyMV_Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B03E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbGRslXZy2R5OSgZR8hWRAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOefuDp4R6g1ta8ZOyMV_Y&google_cver=1

43 B
330 B

75ms
74ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOefuDp4R6g1ta8ZOyMV_Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhju34ngATAB&v=APEucNUaacmCG1VW6RZdfmTnkrAx98eEweLAyfly6iYdmv1LlgVbsE6W0aP5kgpDeMvW3hNXi_pkEHv51513PPigCIzpGr-fjw
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njuuXks2gnWlf3%2BColVvj1rKRczAQ5SwHZg3a7LkjUJZluuWpI8SOj8yytE%2F%2FXrczTyqofz%2FOdrpfccFpO6agIODXNdho7Nb4iUnxHceqrkOFMIn%2FdbbrQKHT%2F78NOl83bhymHDEXlXrcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84abc63d4c4e2221-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOefuDp4R6g1ta8ZOyMV_Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame B03E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFVpk2VY0wn9b8tLjR_H4G4&google_cver=1

43 B
1 KB

82ms
81ms

Image
image/gif

68.67.160.24
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFVpk2VY0wn9b8tLjR_H4G4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhju34ngATAB&v=APEucNUaacmCG1VW6RZdfmTnkrAx98eEweLAyfly6iYdmv1LlgVbsE6W0aP5kgpDeMvW3hNXi_pkEHv51513PPigCIzpGr-fjw

Protocol

Server

68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:46 GMT
an-x-request-uuid: b95142fc-ec43-4af1-bb74-240a971bcbb1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.69; 38.132.118.69; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFVpk2VY0wn9b8tLjR_H4G4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B03E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3ODg3NzA2NzM5ODYwODk5OQ%3D%3D

170 B
243 B

78ms
77ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3ODg3NzA2NzM5ODYwODk5OQ%3D%3D

Requested by

Protocol

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:46 GMT
an-x-request-uuid: 7f58cc86-cd06-4d70-941a-557ec38ce2ea
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3ODg3NzA2NzM5ODYwODk5OQ%3D%3D
x-proxy-origin: 38.132.118.69; 38.132.118.69; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 get_sspuid Show response
www.acint.net/services/ 92 B
282 B 188ms
186ms Script
application/javascript 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/services/get_sspuid?callback=cid_65b191b28_11581711
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: 16a13f03800eb94f7dd25cafb4f617f9d123631760262c4d2c8217c1ed8b8b29

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:46 GMT
server: openresty
content-length: 92
content-type: application/javascript

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/ 165 KB
56 KB 98ms
98ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/reactive_library_fy2021.js?bust=31080643

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080643

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4741017e14fbeebccff8b1a7c163923ede8be6230a8d321863de9c84fa15c3bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56989
x-xss-protection: 0
server: cafe
etag: 17924024630267980422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 22:39:46 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 21B4 717 B
375 B 404ms
402ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=280&adk=2238285969&adf=821804958&pi=t.aa~a.469292974~i.14~rp.1&w=551&fwrn=4&fwrnh=100&lmt=1706135986&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9553686225&ad_type=text_image&format=551x280&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&fwr=0&pra=3&rh=138&rw=551&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1706135986606&bpp=3&bdt=2676&idt=-M&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0&nras=2&correlator=8689844020243&frm=20&pv=1&ga_vid=1872308815.1706135985&ga_sid=1706135985&ga_hid=973648987&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=193&ady=1271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080588%2C31080643%2C95320889%2C95321627%2C95322164&oid=2&pvsid=3989127231409994&tmod=252036428&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080643

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff424caa88cbea4e212549b1098a341924b923fbb4ed9396e628f493821cfe59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 22:39:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6524 717 B
375 B 403ms
401ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=280&adk=2238285969&adf=2522502942&pi=t.aa~a.469292974~i.16~rp.1&w=551&fwrn=4&fwrnh=100&lmt=1706135986&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9553686225&ad_type=text_image&format=551x280&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&fwr=0&pra=3&rh=138&rw=551&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1706135986606&bpp=1&bdt=2676&idt=1&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280&nras=3&correlator=8689844020243&frm=20&pv=1&ga_vid=1872308815.1706135985&ga_sid=1706135985&ga_hid=973648987&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=193&ady=1577&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080588%2C31080643%2C95320889%2C95321627%2C95322164&oid=2&pvsid=3989127231409994&tmod=252036428&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080643

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4d68b7b7c354a51caf3dbaadc87f1a3e57249e72ef6967eb5f3da63f9a002ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 22:39:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B3D 717 B
376 B 333ms
332ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706135986&rafmt=1&to=qs&pwprc=9553686225&format=1200x90&url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706135986638&bpp=1&bdt=2709&idt=1&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C0x0%2C551x280%2C551x280&nras=4&correlator=8689844020243&frm=20&pv=1&ga_vid=1872308815.1706135985&ga_sid=1706135985&ga_hid=973648987&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080588%2C31080643%2C95320889%2C95321627%2C95322164&oid=2&pvsid=3989127231409994&tmod=252036428&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080643

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31ef2a7ad3ff0d361a9020bb4cc9a957fda2dd7dc1380d681c812abd3ecd6f54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 22:39:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E94E 38 KB
13 KB 69ms
64ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 465685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 13:18:21 GMT
expires: Sat, 18 Jan 2025 13:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 12D5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63f03b438a3e9e864cd2193559b3efc05731cc55cf308ad75805fd9c441917e2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 34 KB
5 KB 211ms
79ms Document
text/html 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e24ab7000162970de99766dd4222d0ed88adea64e1e08b044edfe5268360d7e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 22:39:46 GMT
expires: Thu, 23 Jan 2025 22:39:46 GMT
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 12D5 0
0 292ms
143ms Fetch
image/gif 142.251.40.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst6ubG_RGvB4jxqMgLnSnDigJ8A3r33iLG4vTqDs5kWsec_y6flliP9mSrn5Wr6IxwB9_jhHBK-vI3ED2oki9HZP6_WDB611RWrxurssyzSrNPEVNUDJTvVA5JmSFx1pc4K9ZBDzSeHvEHZ7m7PVag6qzI4YoBjeqshkqFp3W82rlq56O5hHyPmQfZgm3w2nvy7ft3zVf41Rcc8TwKnvojR-ST2zd_PIvr1epiZD_9F2V_ZaTKmScIsvXa4FaFXgtozwoD4_vv6V2fFl6hoe8HagyQmTiethFIn8PCufPQm-sNV5bB7kI9iXYIjbR8CW8BuSBJBKVntuUrYFb267GwEFvLg6mXBXUuPFLxbZv7wON9c5vOfrw-TkckGA4hZEtSjlbSz_51IjAJn8nk_ugiRUatHIDPi74klr1siXR2Ensc6Yy1bE48h8UFXQqMLpBGA3UlzA55ZKR_BHuLBErk43WtBWkAK1TxppwN6dcDxQkGQxVUH78_Sl8GFovb2RDvkMVkCORwdMIeRL9tzM5w77cE0IztxroK7hNvQpAjz6WGkeN2ZEsKohoKB-JX9pp_9OwAGPcm1mWlizPI4qDk4mLx_V9cru7wlkgEQ5GoGsVXKX3GiNg778MaQgDMKORGZE3y1phF9gnrC4Kqim3WyscWVuX9U-J1VwlfFCnUb0ikxXXnoSHG4V_5aGdawKgFJK5KHo2wXD6_DLUlr7eqEZVyKw3yoo-F-srFS8htiByMgQ6B3JJj_SIlOG0IfHt2aPH_s-x6FfX9jDdGoTznaizuPM68265BW2HVhJtejvO9tsCnd8C4Ozev7vXCMT1yY3ypmnLApsaOolL4AyRnCK6B7GTfeUkgN1IPGR2sPteSwK_gjfKTCvlPPXSiHyVR1LGoImp0LxFuTicBDoZTLpy4zvypbD8clOzV80nRKAOkB8_-liAyO_Jf1Uwa7n7RDL97r2NlnX4fvOPWx-p56OVSRXkOi5alIuV5xuQpispj3YjQKqRg50Yeu-bF9DPxuVBKHE1F154wUL_FQNNsvTMlEuZt3gYghLUGSJI-oBrA5gP6HYh8wVT4Gg1g3A8gE77ltHGsuE-GX60V-gztnPObTJXvwYmDcCy2fpGAXKNann4MFJLw6j1FXMyKYJFJ528RlAWupQQtPBkfsERGAJ2tM7zZ5EoDBIIeeKcQvTVqJy_fMVWoj4xhayVPdDYNQgcgvrjZtgzIZ7EVc8nOULpOnQK8svwyg_-nlLA69d9Q942Mra6BIOnLI0DBA-rwVtyYe5niD9s8mHWoBACaGdg2bp1-p_9r0btCOyYMDOxSa-q3VAT8Ba7fKVmrhxONZLkiUNk-eYwpOadM&sai=AMfl-YTWPEQ6upHp8W0QEKvoOFOnzA_JWGdL1HOp95W9g9cj1ZSVaFmQiwtEHy7lZMdlBhFgZCkb33j_2Dy0p5Z1h89QkbdEf9NpIN154o75KGYMQwghWiNVQ78YloBtcdqSdojE8sTh86bnfH6VVQNj1PO2JizndHgPMPI3Hp1HF9U2dzImMQstD5vBC9t6LlMi-weLvBY8T7HUG6mNTQAikPUK12JNMiKY5nEn6DDUDjPHUvTklmK3vZwu7DpdUS3FV8RG50PckqFaMI7n8KDtgttWjcupjgbYJIm7JVqtSsKRPl5hXzxmD6TSphqT7BiXLXHbYR9IpgH7xpM9xf8uKOc4XJ57NPAcsee0mQM6XH5WNNp1VHwjE_ov_BgNlH9rYwOHLAyeg2b6rP_5CMWLyLTac_rFIB-mwJxEWLIDvCA4CF3QnFXzPs91i4xiR8itfaUMnAG1pKNOqnaEtLUx22dfSthvdnBzvuXC25OqqOazS_HrV-eKbzAjFXBiNOGavA0JDuerOM1k&sig=Cg0ArKJSzHY_v7Iq5crAEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYWRpc3NvbmhvdGVscy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=432&cbvp=1&cstd=421&cisv=r20240122.72177&arae=0&ftch=1&adurl=

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 Jan 2024 22:39:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
713 B 763ms
191ms Script
application/javascript 193.3.184.211
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_65b191b2d_33738441&srtbid=5291&scids=161201908,164073619&sx=1600&sy=4645&aid=0A00007FB291B1659E00F3B20269D48E&ref=&u=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&allimps=1&fl=0&v=3&tz=-10%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/291/2/5291.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.211 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: eb9d2de9eb262c519a7f476d9e8b1c23b180e34bf242ea7bf587b87caba2b915

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:47 GMT
Content-Encoding: gzip
Server: openresty
X-YaTraceId: 69e6078d6fe144d28287d25d1dc4d481
X-YaRequestId: aaa17e23acbf4d7f97d1e6284f5677f8
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
X-YaSpanId: 0a2f7a33164946dd
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 50
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 157 KB
56 KB 759ms
379ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/291/2/5291.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

2424b2e976617601f41ddb5d7258048adff1c50e9b4e82c42f5bd7ef864ebd54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 22 Jan 2024 14:13:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65ae77f0-ddde"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 56798
expires: Wed, 24 Jan 2024 23:39:47 GMT

GET
H/1.1 200
OK ymcode Show response
ssp-rtb.sape.ru/ 36 B
529 B 576ms
187ms Script
text/html 193.3.184.211
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/ymcode?callback=sapeRTB_65b191b2d_11939447
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/291/2/5291.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.211 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: 52ed1a4d1b894947d902eb50bbecb6b9c46d5d24678f1670d85ece0e1ea94395

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:47 GMT
Content-Encoding: gzip
Server: openresty
X-YaTraceId: bfee934eaa41401e9b1a52960ef91b56
X-YaRequestId: d847c2ae24cc4e12bd6b5eb166dba77d
Access-Control-Allow-Methods: GET
Content-Type: text/html
Access-Control-Allow-Origin: *
X-YaSpanId: 4ee05be5c694a5ba
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 56
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 / Show response
www.acint.net/mc/ Frame 024E 5 KB
5 KB 195ms
190ms Document
text/html 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: 991f019316b8c5ab27cf793d84e794cc1d18f30307d8197bfca63fa6db512ed3

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 24 Jan 2024 22:39:46 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

GET
H2 200 oci.js Show response
www.acint.net/ 31 KB
14 KB 194ms
187ms Script
application/x-javascript 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/oci.js?t=1706135986821
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: d17ef4cb1661283f9fe5bd764b3d235e7fd95f330575296c889a3925a6c25556

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:46 GMT
content-encoding: gzip
last-modified: Mon, 09 Jan 2023 08:01:14 GMT
server: openresty
etag: W/"63bbc9ca-7dac"
content-type: application/x-javascript

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 191ms
185ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A1545%7D&sid=65b191b1-f3f7-d0qg-unds-7i403aph66hy&aid=0A00007FB291B1659E00F3B20269D48E&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1706135987
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 192ms
186ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A13499%2C%22ev%22%3A%22loadFree%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=65b191b1-f3f7-d0qg-unds-7i403aph66hy&aid=0A00007FB291B1659E00F3B20269D48E&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1706135987
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 191ms
186ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=5291.13499.161201908.0.0.0&sid=65b191b1-f3f7-d0qg-unds-7i403aph66hy&aid=0A00007FB291B1659E00F3B20269D48E&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1706135987
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 195ms
189ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A13499%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=65b191b1-f3f7-d0qg-unds-7i403aph66hy&aid=0A00007FB291B1659E00F3B20269D48E&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1706135987
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 192ms
188ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A692898%2C%22ev%22%3A%22loadFree%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=65b191b1-f3f7-d0qg-unds-7i403aph66hy&aid=0A00007FB291B1659E00F3B20269D48E&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1706135987
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 193ms
188ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=5291.692898.164073619.0.0.0&sid=65b191b1-f3f7-d0qg-unds-7i403aph66hy&aid=0A00007FB291B1659E00F3B20269D48E&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1706135987
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 196ms
192ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A692898%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=65b191b1-f3f7-d0qg-unds-7i403aph66hy&aid=0A00007FB291B1659E00F3B20269D48E&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1706135987
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 /
www.acint.net/hit/ 43 B
224 B 192ms
189ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.7.0&uid=f5aa44ee-877b-4856-9255-0bc4973e207f&dp=14&tz=-10%3A00&nc=462406&aid=0A00007FB291B1659E00F3B20269D48E&u=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=&rs=1600x1200&t=%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&oE=1&oP=1&dT=2024-01-24T12%3A39%3A46.818&fu=58074af4-a8b4-4a91-8976-fbde2e2b3373
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 7C4B 9 KB
4 KB 65ms
64ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080643

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 79698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 00:31:28 GMT
etag: 3890843268177463596
expires: Wed, 07 Feb 2024 00:31:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 2CB5 9 KB
4 KB 64ms
63ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080643

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 79698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 00:31:28 GMT
etag: 3890843268177463596
expires: Wed, 07 Feb 2024 00:31:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame E94E 39 KB
15 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 20:07:57 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 7C4B 4 KB
1 KB 218ms
81ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 22:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 20:42:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 22:39:47 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7C4B 205 B
296 B 202ms
65ms Image
image/png 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:31:49 GMT
x-content-type-options: nosniff
age: 464878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Jan 2025 13:31:49 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7C4B 604 B
1 KB 201ms
64ms Image
image/png 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:16:59 GMT
x-content-type-options: nosniff
age: 465768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Jan 2025 13:16:59 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 7C4B 16 KB
7 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6870
x-xss-protection: 0
server: cafe
etag: 16407976921096022632
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 06:10:05 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 7C4B 22 KB
9 KB 81ms
80ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9462
x-xss-protection: 0
server: cafe
etag: 4236850132385514013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 06:10:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 2CB5 23 KB
9 KB 98ms
97ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:54:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2CB5 8 KB
823 B 228ms
109ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 22:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:37:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 22:39:47 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 2CB5 15 KB
3 KB 238ms
63ms Stylesheet
text/css 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:43:22 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 2CB5 378 KB
132 KB 244ms
70ms Script
text/javascript 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389829
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 10:22:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 2CB5 20 KB
8 KB 73ms
72ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:54:38 GMT

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 55 B
104 B 67ms
65ms Stylesheet
text/css 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:18:56 GMT
date: Fri, 19 Jan 2024 13:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465651
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 731 B
264 B 74ms
67ms Stylesheet
text/css 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:35:38 GMT
date: Fri, 19 Jan 2024 13:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464649
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 24 B
73 B 73ms
66ms Stylesheet
text/css 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:23:25 GMT
date: Fri, 19 Jan 2024 13:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 303 B
203 B 77ms
70ms Stylesheet
text/css 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:15:12 GMT
date: Fri, 19 Jan 2024 13:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdattached_style.css
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 26 B
75 B 76ms
70ms Stylesheet
text/css 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:13:59 GMT
date: Fri, 19 Jan 2024 13:13:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdtaparea_style.css
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 157 B
145 B 77ms
70ms Stylesheet
text/css 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:19:33 GMT
date: Fri, 19 Jan 2024 13:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465614
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 20 KB
6 KB 105ms
99ms Script
application/x-javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:24:26 GMT
date: Fri, 19 Jan 2024 13:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465321
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6266
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 3 KB
1 KB 113ms
107ms Script
application/x-javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:41:27 GMT
date: Fri, 19 Jan 2024 13:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464300
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 8 KB
3 KB 100ms
93ms Script
application/x-javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:21:07 GMT
date: Fri, 19 Jan 2024 13:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3136
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 2223 120 KB
41 KB 73ms
66ms Script
text/javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 21:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Jan 2024 21:58:16 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 13 KB
4 KB 113ms
107ms Script
application/x-javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 21 Jan 2025 04:16:47 GMT
date: Mon, 22 Jan 2024 04:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238980
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4427
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 5 KB
2 KB 119ms
111ms Script
application/x-javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:39:55 GMT
date: Fri, 19 Jan 2024 13:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2014
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdattached_min.js Show response
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 1 KB
622 B 121ms
112ms Script
application/x-javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:39:55 GMT
date: Fri, 19 Jan 2024 13:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 590
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdtexthelper_min.js Show response
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 4 KB
2 KB 123ms
114ms Script
application/x-javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:22:42 GMT
date: Fri, 19 Jan 2024 13:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1725
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdtaparea_min.js Show response
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 3 KB
1 KB 150ms
134ms Script
application/x-javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:23:17 GMT
date: Fri, 19 Jan 2024 13:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1355
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdgpadataprovider_min.js Show response
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 3 KB
1 KB 150ms
134ms Script
application/x-javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwdgpadataprovider_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:25:56 GMT
date: Fri, 19 Jan 2024 13:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465231
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1485
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwddatabinder_min.js Show response
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 5 KB
2 KB 124ms
108ms Script
application/x-javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwddatabinder_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:29:18 GMT
date: Fri, 19 Jan 2024 13:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2351
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwd-text-fitting.js Show response
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 5 KB
2 KB 152ms
137ms Script
application/x-javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwd-text-fitting.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:45:51 GMT
date: Fri, 19 Jan 2024 13:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464036
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2038
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwd-dynamic-binders.js Show response
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 22 KB
9 KB 149ms
135ms Script
application/x-javascript 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/gwd-dynamic-binders.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdae14000f409e929efc6f3cfd785b90a939d22044705a48f1a3b5074620fc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:30:29 GMT
date: Fri, 19 Jan 2024 13:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464958
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8917
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2

200

match
acint.net/ Frame 024E
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=2203420AB391B165CD026E6002DC514D

43 B
269 B

208ms
185ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=2203420AB391B165CD026E6002DC514D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:47 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=2203420AB391B165CD026E6002DC514D
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 024E
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0A00007FB291B1659E00F3B20269D48E
https://px.adhigh.net/p/cm/sape?u=0A00007FB291B1659E00F3B20269D48E&bounced=1
https://acint.net/match?dp=17&euid=u6o2eEf63qfc.AikABlGNPaElKQ
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14
https://acint.net/match?dp=14&euid=1A03420AB391B165D8028A3402077B1A

43 B
269 B

193ms
192ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=1A03420AB391B165D8028A3402077B1A
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:48 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=1A03420AB391B165D8028A3402077B1A
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 024E
Redirect Chain

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5516762490
https://www.acint.net/rmatch?dp=45&euid=APv0aNkioNPJG6TJvDEk1Ug&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fssp.adriver.ru%252Fcgi-bin%252Fsync.cgi%253Fssp_id%253D43%2526external_...
https://acint.net/rmatch?dp=14&euid=1A03420AB391B165D8028A3402077B1A&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A00007FB291B1659E00F3B20269D48E

42 B
201 B

201ms
201ms

Image
image/gif

81.222.128.213
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A00007FB291B1659E00F3B20269D48E
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: HTTP/1.1
Server: 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad13.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:48 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Wed, 24 Jan 2024 22:39:48 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A00007FB291B1659E00F3B20269D48E
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 024E 0
749 B 457ms
323ms Image
text/plain 2606:4700:20::681a:6bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=8&id=0A00007FB291B1659E00F3B20269D48E
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlIS0vLYP%2Bd7Ij7bSbnuBujSB4o993aBD2raR0wLwdLWkni3Muib%2Buer6NKJRLZxdMHLpUw%2BsA34MWy5zhYtgPZmkYn5Vx7accBV9wuQV0DtpGGDn%2BKbWOqVPvCKe%2BlPcSoE64StCmcTCA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 84abc6401e7ab3c7-MIA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 024E 0
376 B 446ms
145ms Image
text/plain 37.230.131.22
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0A00007FB291B1659E00F3B20269D48E

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.22 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:47 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://www.acint.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 525
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 024E 3 KB
3 KB 650ms
189ms Script
application/javascript 185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:47 GMT
Last-Modified: Wed, 24 Jan 2024 22:34:19 GMT
Server: nginx
ETag: "65b1906b-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 024E 0
69 B 559ms
170ms Image
text/plain 194.55.244.179
PROCLOUD PROCLOUD...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0A00007FB291B1659E00F3B20269D48E
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.179 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 24 Jan 2024 22:39:47 GMT
server: nginx/1.23.2

GET
H2

200

match
acint.net/ Frame 024E
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://www.acint.net/match?dp=71&euid=45f2770a-e408-4cc4-9092-5358528c8501
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14
https://acint.net/match?dp=14&euid=1A03420AB391B165D8028A3402077B1A

43 B
269 B

185ms
183ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=1A03420AB391B165D8028A3402077B1A
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:48 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=1A03420AB391B165D8028A3402077B1A
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 024E
Redirect Chain

https://s.ccsyncuuid.net/match/5/?remote_uid=0A00007FB291B1659E00F3B20269D48E
https://acint.net/match?dp=80&euid=ZVhCzQlzCP31Rn6maF2x
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14
https://acint.net/match?dp=14&euid=1A03420AB391B165D8028A3402077B1A

43 B
269 B

184ms
182ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=1A03420AB391B165D8028A3402077B1A
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:47 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=1A03420AB391B165D8028A3402077B1A
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 024E 42 B
201 B 818ms
184ms Image
image/gif 81.222.128.213
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0A00007FB291B1659E00F3B20269D48E
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad13.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:47 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame 024E
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=ATTWSOTG

43 B
269 B

184ms
183ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=ATTWSOTG
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=95&euid=ATTWSOTG
date: Wed, 24 Jan 2024 22:39:48 GMT
server: nginx/1.22.0
content-length: 74
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 024E
Redirect Chain

https://sync.adspend.space/sape?uid=0A00007FB291B1659E00F3B20269D48E
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D79fcf056-37bd-475b-a157-3b2bb578f8f4
https://www.acint.net/match?dp=98&euid=79fcf056-37bd-475b-a157-3b2bb578f8f4

43 B
269 B

192ms
191ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=98&euid=79fcf056-37bd-475b-a157-3b2bb578f8f4
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Wed, 24 Jan 2024 22:39:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: nginx/1.22.1
access-control-max-age: 1728000
access-control-allow-methods: PUT, GET, POST, OPTIONS
content-type: text/html; charset=utf-8
location: https://www.acint.net/match?dp=98&euid=79fcf056-37bd-475b-a157-3b2bb578f8f4
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, authorization
content-length: 102

GET
H2

200

match
www.acint.net/ Frame 024E
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=7aM9XKHP2GgV

43 B
269 B

184ms
184ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=7aM9XKHP2GgV
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=7aM9XKHP2GgV
Date: Wed, 24 Jan 2024 22:39:48 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 024E
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0A00007FB291B1659E00F3B20269D48E&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0A00007FB291B1659E00F3B20269D48E&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1&rts=65...
https://acint.net/match?dp=107&euid=72ddb1c2-2157-5319-8933-1392ec828221

43 B
269 B

184ms
183ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=72ddb1c2-2157-5319-8933-1392ec828221
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=72ddb1c2-2157-5319-8933-1392ec828221
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 024E
Redirect Chain

https://ads.adlook.me/csync?pid=sape&uid=0A00007FB291B1659E00F3B20269D48E&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=cc7d8fc4e4aa437a97f0713506632386

43 B
269 B

183ms
183ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=cc7d8fc4e4aa437a97f0713506632386
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=cc7d8fc4e4aa437a97f0713506632386
date: Wed, 24 Jan 2024 22:39:47 GMT
server: Microsoft-IIS/10.0

GET
H2

200

match
www.acint.net/ Frame 024E
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0A00007FB291B1659E00F3B20269D48E
https://vma.mts.ru/match/second?ssp=30&exu=0A00007FB291B1659E00F3B20269D48E
https://tech.rtb.mts.ru/?dsp_uid=73cad835-3259-4e6a-b51e-b3eaa452c2a3&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D30%2...
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
https://vma.mts.ru/em?next=30&em=2&ssp=aidata&id=d9aZtlRGCYuxmS639VJkWA
https://www.acint.net/match?dp=125&euid=73cad835-3259-4e6a-b51e-b3eaa452c2a3

43 B
269 B

185ms
184ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=125&euid=73cad835-3259-4e6a-b51e-b3eaa452c2a3
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:50 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:49 GMT
Server: nginx
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Location: https://www.acint.net/match?dp=125&euid=73cad835-3259-4e6a-b51e-b3eaa452c2a3
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 024E
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=4a31dfa2-8979-4353-58f3-11b3c16cba0d

43 B
269 B

184ms
183ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=4a31dfa2-8979-4353-58f3-11b3c16cba0d
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=4a31dfa2-8979-4353-58f3-11b3c16cba0d
date: Wed, 24 Jan 2024 22:39:48 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 024E
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0A00007FB291B1659E00F3B20269D48E
https://www.acint.net/match?dp=127&euid=RlSI1Q0E0si7yJdUEveE

43 B
269 B

185ms
184ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=RlSI1Q0E0si7yJdUEveE
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=RlSI1Q0E0si7yJdUEveE
date: Wed, 24 Jan 2024 22:39:48 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 024E
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=u6n0pq7zcn

43 B
269 B

184ms
183ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=u6n0pq7zcn
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:49 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:48 GMT
server: nginx/1.22.0
surrogate-control: no-store
vary: Origin
access-control-allow-origin: *
location: https://www.acint.net/match?dp=129&euid=u6n0pq7zcn
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: cb12d7fe-a755-45ca-9502-5ab6e5c2be75
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 024E 0
215 B 546ms
175ms Image
text/plain 217.65.2.150
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0A00007FB291B1659E00F3B20269D48E
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 24 Jan 2024 22:39:48 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2

204

0.gif
x01.aidata.io/ Frame 024E
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0A00007FB291B1659E00F3B20269D48E
https://x01.aidata.io/0.gif?pid=9401454&id=0A00007FB291B1659E00F3B20269D48E&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
433 B

184ms
183ms

Image
text/plain

89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:49 GMT
last-modified: Wed, 24 Jan 2024 22:39:48 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Wed, 24 Jan 2024 22:39:48 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Wed, 24 Jan 2024 22:39:49 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

sape.js
sync.gonet-ads.com/match/ Frame 024E
Redirect Chain

https://sync.gonet-ads.com/match/sape.js?id=0A00007FB291B1659E00F3B20269D48E
https://sync.gonet-ads.com/match/sape.js?id=0A00007FB291B1659E00F3B20269D48E&chk=1

345 B
345 B

152ms
151ms

Image
application/javascript

188.42.105.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.gonet-ads.com/match/sape.js?id=0A00007FB291B1659E00F3B20269D48E&chk=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E

Protocol

Server

188.42.105.236 , Luxembourg, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

Redirect headers

date: Wed, 24 Jan 2024 22:39:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
location: https://sync.gonet-ads.com/match/sape.js?id=0A00007FB291B1659E00F3B20269D48E&chk=1
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 024E
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0A00007FB291B1659E00F3B20269D48E
https://sync.bumlam.com/?src=sap1&s_data=CAIQARi1o8atBmIgMEEwMDAwN0ZCMjkxQjE2NTlFMDBGM0IyMDI2OUQ0OEWiARB7MF0kuwkR7ruxACWQyCQ2

0
523 B

152ms
151ms

Image
text/html

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARi1o8atBmIgMEEwMDAwN0ZCMjkxQjE2NTlFMDBGM0IyMDI2OUQ0OEWiARB7MF0kuwkR7ruxACWQyCQ2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: HTTP/1.1
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Wed, 24 Jan 2024 22:39:49 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Wed, 24 Jan 2024 22:39:49 GMT
Server: nginx
ETag: 7b305d24-bb09-11ee-bbb1-002590c82436
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARi1o8atBmIgMEEwMDAwN0ZCMjkxQjE2NTlFMDBGM0IyMDI2OUQ0OEWiARB7MF0kuwkR7ruxACWQyCQ2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

done
pix.bumlam.com/sync/sape/ Frame 024E
Redirect Chain

https://pix.bumlam.com/sync/sape/check?sspuid=0A00007FB291B1659E00F3B20269D48E
https://sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/sync_ok?guid=7b305d24-bb09-11ee-bbb1-002590c82436
https://7b305d24-bb09-11ee-bbb1-002590c82436.n5.sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/done

43 B
673 B

153ms
152ms

Image
image/gif

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.bumlam.com/sync/sape/done

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E

Protocol

HTTP/1.1

Server

31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Jan 2024 22:39:51 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.acint.net
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-Xss-Protection: 0
Expires: 05-Jun-2005 22:00:00 GMT

Redirect headers

location: https://pix.bumlam.com/sync/sape/done
access-control-allow-origin: *
date: Wed, 24 Jan 2024 22:39:51 GMT
server: nginx/1.24.0
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 0A00007FB291B1659E00F3B20269D48E
an.yandex.ru/mapuid/sapeis/ Frame 024E 43 B
387 B 575ms
190ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0A00007FB291B1659E00F3B20269D48E

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 24 Jan 2024 22:39:49 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 24 Jan 2024 22:39:49 GMT

GET
H/1.1

200
OK

cm
nr.bidderstack.com/sape/ Frame 024E
Redirect Chain

https://nr.bidderstack.com/sape/cm?user_id=0A00007FB291B1659E00F3B20269D48E
https://nr.bidderstack.com/sape/cm?user_id=0A00007FB291B1659E00F3B20269D48E&pupa=1

44 B
384 B

160ms
159ms

Image
image/gif

94.130.221.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr.bidderstack.com/sape/cm?user_id=0A00007FB291B1659E00F3B20269D48E&pupa=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: HTTP/1.1
Server: 94.130.221.58 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.58.221.130.94.clients.your-server.de
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 24 Jan 2024 22:39:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 44
Content-Type: image/gif

Redirect headers

Location: /sape/cm?user_id=0A00007FB291B1659E00F3B20269D48E&pupa=1
Access-Control-Allow-Origin: *
Date: Wed, 24 Jan 2024 22:39:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
www.acint.net/ Frame 024E
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=0A00007FB291B1659E00F3B20269D48E
https://www.acint.net/match?dp=186&euid=0ca9033f-1f43-42f2-a626-cd709655eaba

43 B
269 B

184ms
183ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=0ca9033f-1f43-42f2-a626-cd709655eaba
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:49 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:49 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=0ca9033f-1f43-42f2-a626-cd709655eaba
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 024E
Redirect Chain

https://match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
https://www.acint.net/match?dp=217&euid=f0e2d0a4-e49d-45fc-ae9c-b610709fb6d5

43 B
269 B

184ms
183ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=217&euid=f0e2d0a4-e49d-45fc-ae9c-b610709fb6d5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:49 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=217&euid=f0e2d0a4-e49d-45fc-ae9c-b610709fb6d5
date: Wed, 24 Jan 2024 22:39:49 GMT
access-control-allow-credentials: true
server: nginx
bidder: bid-03 1.1376.f4afd3f
content-length: 0

GET
H/1.1 400
Bad Request user-sync
sync.adkernel.com/ Frame 024E 22 B
22 B 208ms
66ms Image
text/plain 174.137.133.32
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:49 GMT
Cache-Control: no-store
Server: nginx
Connection: close
Content-Length: 22

GET
H2 502 01
sync.programmatica.com/match/ Frame 024E 0
0 816ms
445ms Image
text/html 158.160.128.78
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.programmatica.com/match/01
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.160.128.78 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2

429

weborama-sync
adx.com.ru/ Frame 024E
Redirect Chain

https://adx.com.ru/sape-sync?uid=0A00007FB291B1659E00F3B20269D48E
https://adx.com.ru/sync?sspKey=25&sspUserID=0A00007FB291B1659E00F3B20269D48E
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65b191b5a897d80001f5c578%2526r%253D%26webouid%3...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65b191b5a897d80001f5c578%2526r%253D%26webouid%3...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65b191b5a897d80001f5c578%26r%3D&webouid=9yqIq6YADv1fdOrj57fLZ.

0
0

174ms
174ms

Image
text/html

83.222.117.90
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65b191b5a897d80001f5c578%26r%3D&webouid=9yqIq6YADv1fdOrj57fLZ.
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 83.222.117.90 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:49 GMT
via: 1.1 google
last-modified: Wed, 24 Jan 2024 22:39:50 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65b191b5a897d80001f5c578%26r%3D&webouid=9yqIq6YADv1fdOrj57fLZ.
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 024E
Redirect Chain

https://kimberlite.io/rtb/sync/sape2?u=0A00007FB291B1659E00F3B20269D48E
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZbGRtWqlG3s
https://vma.mts.ru/match/second?ssp=59&exu=ZbGRtWqlG3s
https://tech.rtb.mts.ru/?dsp_uid=73cad835-3259-4e6a-b51e-b3eaa452c2a3&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
https://vma.mts.ru/em?next=59&em=1&ssp=konnektu&id=
https://kimberlite.io/rtb/sync/mts?u=73cad835-3259-4e6a-b51e-b3eaa452c2a3
https://www.acint.net/match?dp=243&euid=ZbGRtWqlG3s

43 B
269 B

184ms
183ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=243&euid=ZbGRtWqlG3s
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:52 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:52 GMT
referrer-policy: no-referrer
Server: nginx
access-control-allow-origin: *
location: https://www.acint.net/match?dp=243&euid=ZbGRtWqlG3s
cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
server-timing: app;srv=0;dur=0.0002
Content-Length: 0

GET
H2

200

match
www.acint.net/ Frame 024E
Redirect Chain

https://sync.dsp.solta.io/match/sape?id=0A00007FB291B1659E00F3B20269D48E
https://sync.dsp.solta.io/match/sape?id=0A00007FB291B1659E00F3B20269D48E&chk=1
https://www.acint.net/match?dp=260&euid=MTZlMzM4NmI1YzQ4MmFjNw

43 B
269 B

184ms
183ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=260&euid=MTZlMzM4NmI1YzQ4MmFjNw
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:50 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=260&euid=MTZlMzM4NmI1YzQ4MmFjNw
date: Wed, 24 Jan 2024 22:39:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 024E 43 B
452 B 626ms
166ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0A00007FB291B1659E00F3B20269D48E
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:50 GMT
Last-Modified: Wed, 24 Jan 2024 22:39:50 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Thu, 25 Jan 2024 04:39:50 GMT

GET
H2 200 set
sync.rambler.ru/ Frame 024E 43 B
225 B 729ms
379ms Image
image/gif 91.192.148.36
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=1b87f89d-4fb1-4046-b5d4-1814eb9a34db&id=0A00007FB291B1659E00F3B20269D48E

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.36 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

sync.rambler.ru

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:50 GMT
strict-transport-security: max-age=0
x-passed: 2bal1
server: nginx
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2

200

match
www.acint.net/ Frame 024E
Redirect Chain

https://ssp.afp.ai/api/sync/sape
https://www.acint.net/match?dp=261&euid=31cad855-2a71-4ef3-8280-e84eea0cf51a

43 B
269 B

185ms
185ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=261&euid=31cad855-2a71-4ef3-8280-e84eea0cf51a
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:50 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Wed, 24 Jan 2024 22:39:50 GMT
Server: nginx/1.20.1
Vary: Origin
Access-Control-Allow-Origin
Location: https://www.acint.net/match?dp=261&euid=31cad855-2a71-4ef3-8280-e84eea0cf51a
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame C22D 14 KB
1 KB 81ms
80ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 22:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 20:43:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 22:39:47 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame C22D 2 KB
822 B 67ms
67ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 00:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 00:00:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame C22D 23 KB
9 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:54:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0AF7 143 B
166 B 72ms
72ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 22:23:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame C22D 3 KB
1 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:54:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame C22D 20 KB
8 KB 75ms
73ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:54:38 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C22D 205 KB
65 KB 98ms
96ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 22:39:47 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame C22D 37 KB
15 KB 72ms
70ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 07:06:53 GMT

GET
H3 200 Gotham-Black.otf
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 22 KB
16 KB 65ms
64ms Font
font/otf 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/Gotham-Black.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:31:39 GMT
date: Fri, 19 Jan 2024 13:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464888
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15870
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Gotham-Book.otf
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 21 KB
15 KB 69ms
68ms Font
font/otf 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/Gotham-Book.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 17 Jan 2025 18:08:14 GMT
date: Thu, 18 Jan 2024 18:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 534693
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15380
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Gotham-Bold.otf
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 21 KB
15 KB 76ms
75ms Font
font/otf 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/Gotham-Bold.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 13:13:45 GMT
date: Sat, 20 Jan 2024 13:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15057
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 NotoSans-Regular.otf
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 1 MB
424 KB 86ms
85ms Font
font/otf 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/NotoSans-Regular.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:39:02 GMT
date: Fri, 19 Jan 2024 13:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E94E 0
20 B 99ms
98ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwsUesZGxZYbSDp2-odAPzK2_mAgAAAAAOAHgBAI&bg=!qaqlquXNAAa8BdJLnAU7ADQBe5WfOJY6g96AQVQV_v1QJgMa_agzhww94jnd4CNSWH0HTzQbsxGW1Ca9i2AxoVnipCWtAgAAASZSAAAABGgBB5kC63PyYAQ56l9o2cKgLlYWq7Q1VTnikpirNvIxnrR_8gXF3RskvPht1O9MtJLqzcNsp3nGX6wtan6m-pAVkf1pDv60kMBlQ6zTOR7ulBdEIi6bJY2FYOUv3fjEdfizY04-AnIVBjSwzbVPV53eTgmcECVgAbjgWA0gA5pNkxMcAnDmmy-s1dBmBC39fyvth4cBhjrdT-cMM1W_X_b5OevNRyZcZ0xxVxbYpfA6ZBK9m8B-MJZzrP5Hc6I6-k9EhEhE5w939Whj8sjaXdCTfej1JBwR440QKvTPB58s3o-loB8qjdaCLRVJ9Cuty6beMQ-C_EYdhDaDvKgUWTitK53xEkhVdYgd-L2t0qnfc3bupFtUQu77b4eRak2up1V37CxEmhUuAMjE48SPEQFcaWTH8XbHNLQIlUtUdzxU_rk8PDcwsxvlvVq91JFpVXz3mA8uN6cmmEA5ES4MtZLn5DGRrOoZZUhvfWqNyqeVoh8lkhKvLJSjTCnhNmASuDVIi9FRT7RYC7M1IrA77JEDa5VUvLkjnS4rGsAsBNRBwnyRIgt8xQP9yqN8ZWuVnwb8GEZWvrAOA6AX5_D5klBUmZyxCStexccIAwws40mzGLq-Q6OHbN2TQV4hH-9URDKaLmEwVr6onAMtXtDUw_wzyqBNH8sot0o2RswMsww6ypNrx1BoNc72u6b50-6r7vulgkFj3IOQoZfGhsSy3LpTbqkDpZQK1YfdCX44bxP3279vwPNoa-3po3e7HhVoGbGeF2sHYVjnIAQIrO1xHK67gaQlWiIqEwCozaHzB30TFhAiZmf0aPdmX9RaB6esJnwQtSxnIZB25soLEc1pvkTtjcyZam78Gos4wTnEDJl5vYLjxJeJSoACzzE297rXWYgaqYlYyh-nA09IhtY15Mb0RUFfvAq3Vki46OmtjG9Yv9zHkj8RBQ3yFc2y3pp1oFj3XkRK-c19DOI-7Efp2M2ybChqZ7TjohW_46R6-WQWIQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2223 8 KB
6 KB 233ms
97ms XHR
application/json 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ac7a7ce8eaafe4daa2bf8c13617528186c79f18276ce174222ab721aa6ad913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5879
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0AF7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

93ms
92ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 22:39:47 GMT
expires: Wed, 24 Jan 2024 22:39:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 22:39:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 2CB5 0
54 B 451ms
140ms Ping
image/gif 2a00:1450:4007:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lrsdbd93&c=3325602368497&slotId=1662801184248.5&qqid=COiujeuL94MDFVne5wMdGRIMwA&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2CB5 9 KB
10 KB 201ms
63ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:12:33 GMT
x-content-type-options: nosniff
age: 466034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:12:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2CB5 15 KB
15 KB 208ms
73ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:24:38 GMT
x-content-type-options: nosniff
age: 465309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:24:38 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CB5 0
20 B 97ms
97ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CxMv6spGxZeiNBNm8n88PmaSwgAzw1tmNaa2d75rHEeWP_MIDEAEgs7OMJWDJhoCA3KPEEKAB_u62uQLIAQWoAwHIA5sEqgTpAU_QONFBXoJRgxW6-sfXEiPoFtwNRg9-gdA6ZtFr_sRilwlGM7Bkl542wMN-JRvF0nj5uEhqj3Q7WiwrnVvG4GXNWk928p5_Z8vJEAoIiYZnS3pk1ayd7pblwxfjYUSjWROuCiC8nfrBaqZvDCgFrNU8vRkzkUwoYNhi7_j1tIVlESAbBGGXW8FmGopVBgaMfS-QkKwS5krWvehj7UTRm4_ABimfp4522H2m_w515g-MCE8ULywrOm86hvHpGCBRKB5jWGOuwAB0Qi4rNf4GVJaI6IrprR9PUa_IW9NNyHJsef84WnIFfHbJwASWyJ63sQPgBAOIBa7a4OktkAYBoAZOgAfqkMnGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WIyKi-uL94MDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJVU7AT2N-JFsgT1a63CdgTCogUBNgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1706135987450&ai=CxMv6spGxZeiNBNm8n88PmaSwgAzw1tmNaa2d75rHEeWP_MIDEAEgs7OMJWDJhoCA3KPEEKAB_u62uQLIAQWoAwHIA5sEqgTpAU_QONFBXoJRgxW6-sfXEiPoFtwNRg9-gdA6ZtFr_sRilwlGM7Bkl542wMN-JRvF0nj5uEhqj3Q7WiwrnVvG4GXNWk928p5_Z8vJEAoIiYZnS3pk1ayd7pblwxfjYUSjWROuCiC8nfrBaqZvDCgFrNU8vRkzkUwoYNhi7_j1tIVlESAbBGGXW8FmGopVBgaMfS-QkKwS5krWvehj7UTRm4_ABimfp4522H2m_w515g-MCE8ULywrOm86hvHpGCBRKB5jWGOuwAB0Qi4rNf4GVJaI6IrprR9PUa_IW9NNyHJsef84WnIFfHbJwASWyJ63sQPgBAOIBa7a4OktkAYBoAZOgAfqkMnGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WIyKi-uL94MDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJVU7AT2N-JFsgT1a63CdgTCogUBNgUAdAVAfgWAYAXAegXBQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 2CB5 0
234 B 431ms
139ms Ping
image/gif 2a00:1450:4007:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lrsdbda4&c=3325602368497&slotId=1662801184248.5&qqid=COiujeuL94MDFVne5wMdGRIMwA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.15d&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 2CB5 32 KB
18 KB 236ms
92ms XHR
text/xml 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AQKN3yier1bBSv501xOTJr-6tG9H8KX-8t18j3bimz1Dkz2zI9bPgo0yHQdAKmVJLKDUfJAqj4zpOOP_GZ0uU-v6ijUw&cry=1&dbm_d=AKAmf-DBLud84zqnpkazj3DHL9KJv0UNYXkpNL722i8xm6Rfw2-49-PxAYpVhFGrpFCpcacwqoCjax8ln99taHD_eNmtZpT5m6zN45TS7fyj1v-V3f5sSKiG7ELfJBC7EFPPIspAcvYTucEpOHnsrhe69OOHaBPlqPOEuzFbq4jZfjiUoyiMNE_L4UduZaGE5g_scXDybQeUFUNJuZ4iGB_-NjtLUZNEgXuwVh2CJhroXSsDvP2eZyDbifyRqbhmawqeuJ2-OrOfJzLtfdI9n3w9Mxse2dJC-w3Nuhe60iDk5iwWSjdZeOp8846aZ2fsTENDBy9H3O1xvmnYsGzNR-7WOd6xYy1nZOsnPPtv8AU9RNbuafouGk8S6pQ8Es13_GSUdPhctTZ2UC-ENDDQirg5vc4ZLftPvsrPn2UjcOad85_4L8boG6OcvfDZaSJqTj33vGTHnp94YfhLlXruyh1cESVJ8K05ue9T0IOVEmnsnNf_AMK7BYAwpl6xeSTO29YgJBw_iLYkBszuD87Nq8OrnFomdk0FE5yTKXWXqtzVIXVDpWT3ElKOUqXS6heJR-tr8k-YTrGp-_UHnrAV6pCkWq-0SbtvRQIjypIjwZcKHjWrKLV9X5vETz6mdm8WTGs6GaRFz28YHL-B5u-SdJOAk4MMAALg_WlA8p0V78oP4mwoNntwYmFaVyR1-rQrB8_jiyvLiqJDbKvldbM3HuuuMmnKTTeZxXJoCE6Q9p6NucLBjh4ZoIWPDUUAPoLvKIN95rQAwz6Um8q1L4ii4_qygHnAK_Mjl6LweeZ5GCWDb37Uf7RHSqWZluAcsmmqLNamj-F13CDR0ALOX--1uUWUB3rCAFGt-rhuIcsHAmC8UhKew4XFkpyCtpKcRRS15Cj_EMSc8MiAiAJ8RXT9BnhD3G-YR5RVo_pYdVOP_zkut8HapJ7wyTA8ymzinCeZ2ky7eZqjQsfM_LM4-px3KEggCHYDvA3Xzui99IqgT6zQ5j_x8--KvD0k1e0EFoBatyK7X6DK_IsqTeCWnva5Q9Y1w7cPzXHUcb4yRXjqU2a-qzp1r5Os_YO32GBX58LFDlrGD6UWeE7g2oUZbcs6TpHcW9p1JwoH8In2kDNoauCjRY6w_sxGmeukLu75Ns6Owbma228UTvvkymP6gURfd-Tzw6lSGgBmbP6tuXWm9HKeZV29BIDz2nQijgn_0z5HBscnURC9J9BYnc1ZXmP8U2fPl1CG8ehiQOGU89VIiwsx-GQe2_WSz-DXseYc7I0U6y-wDH8MbPyCrn5W4lp8g3AnO-WGimcyA0G_QF35K-Wy-cKz3hKwWmjhABO2VwBL83kut4eZXXz9nUe96_XXsOisqi3zUC5iP_5xpvyeb7KoNBwN04XNU58y5iDaKf8xZiLMPSoVox1Xw75XXJ0yHQokJsQKXxOXAHVEbq0sdHfB7uDZbMFFFmjVsCI-BXPG5Yy-yZd-uB_x60pzoWSVizyZkzzWjb--TJ0PZbXqu3RZ2hbZdDFx8M4TFCvPv1LS0hdjd0ljC0kGUYhGDm5byhHtAdkVqxCFoQFSdzPefCQq28a9myFa1NhGWNvpand2o8XqNnqDicfIt-V0HlSE7LV5uA2Xp_BRhpK5RsermiP3VOJ7B69CXgDhz_NfoHIVTI0_rC13AX9qnSUGrsiYskCGcJ_1SBoGh02azIdlj9wwooQHM5fkHl4ZV4a4JIwzK8PmXf7SmRX9nfsMDZSCrWKcLKR8YpcZmQkl_HdGclaPYipHfT2HcTUwGS89YXEf7urhas6rwe5by70FjSVgGWyIrw-5QAIeoHIA_t-67gVKgiyaDPMBngGNaZxBvpM5NQroKdNZm8pbdFK3L-hUKumshyHRuqZUNW43SqRhyHOGvUlzbh7a_eYDQOM0Z0kS_FGbJxmdB8HceGJoNrQs2giHeL1khkJ494jfkT2xN-oj3T15O3WBhZ5c8s-YtKx3rlvIeGx9muWjJ82JG90nuE_wvxbR-G2_e2TzaX_YEw880YFz1krW3wKYvPVb-Bb7pXGZfCKaw93uuUuJoXAYls8qBaYPDhNzNUNeeiT4vluai81_-SS6bjjQ7SJKDewPLF4tDLMpVMhPTz2MgExk6OW1JtgXhqHLk3aMRJauUGP1Vt6N5tWY_0r3GKadWUU2BAhkqtr_BB291OXDoPwfkk_xyCGlXbT5cQC5ZtWAiHyt-LUtuRD0ijm6QOHAJsjaToFVyIRN0JIky6VvyspYipNlOs_qz1pE0eksgL3z-eC3J9Pi7Rg5SGP6G1-yfLsZKy4gOC1Y3A_s54RcYQLVLbkKkTSj2Svma0lGrqpfYryS0JrgsXPu8_kXQ2qLoTMnKnDgsOEEBR0rIBQJNeBHU8gO5M2_OCi6xO4TOFxZ3ND-J-0o2nCODVQSq60HZh3q2c8LkSMjYhVWQpqfvf2nSxjX9xakuWS2TD1oEd-th99nHj2f7k11_qMtro3lViFoHq8CPOFEwjjD9nXd-_cc2Lbn6GlpkLIK-PFhRSblgwXgYwRMZZGP9vnZTG0NMhQyH1OSK8vuzVgHY5tBRbz_dDlWgTGpGSFc4LHj57f0xlX5jyD7E-YyIhBBkpt0FQGInldbIj8ivyqGVzfLGjQKxRml74xsMg1qLfOiEzYs2pMV9ROb7poGe1imkejcStYAuPZNMr1DURbGhChSpJ7r8W_kYAckOi0t22j1rV5AoEkgeIkB2o6j2oHOOvoX-ExEo8RirMIqk01Zpz5L0HKIDAlQFXznFZKsQv0eHY8rgDftW10aSclnGYs6DIJqhkyB0sbu30nCw-X0p7_Nf_HN5y2TGZ5dpnPCU08si-uDOCuyuFG4m_zula_imY8tIYD3lr9UYBpMP1Q7WzOH6NZuMveM48B_BeQ7SWiU58R6rMTE46-5-nq4tZn1rvpC03JTbnhtp2Egg68sRjApxsuZK9scLhE369hJaN-Qz2pDWRHmt0D4V9t8OsUWdcroJiXcZCjsXd_uJ5p-Spilb2TEZWd094kOoVcP6potcJEACgK3PX1v5KO0GoxH_XlkjdNsVm9oowuBJEHXrOfkJL-ghtS9QYLtycFFAbkmUtqvv0tiJ_LBCDyEReLRv_NCMyVIc3pu8U41uFTyRHABLmcnNctPFeYORT8YDWYdNO5rkctW8vkeComrx-DlwS20PVBCUjojsnSem4Pvssufnafujghjkz49XXwQBrnBtbcrN1qznACo8_E_LCoZ1SAwGNX9MMAUnTQIepbLC5EhnV_LLlo9aLeGzd7D1W_KX6QA7UWCgZUAcsc-yBwfdexHsPrSmHakJZE-t1TA210wUFMl01HPzKe2HUMXFKSSPuln4DJel0cBj1QbSrS2E8l1ebsSHZOxg-RLxP0-&cid=CAQSTwAvHhf_mPS07yKUeXPa-Dt2ugts-m9ATtUvHX0Y7ww1_BeHqMqXrY74IkDkhYbC9GCxi8BTVcuETlPbIdGIgg8vMwxt2MaNubbBL3YpIK4YAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

55e861d875a84cfe9e5134f41ac3f13e245e5f6002bdfb21ba383228cfe9b2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17857
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2CB5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81ef08e396bcdcd43e379cb510e33a8c4b11aa226423808ebce14d1e4702ddf6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
www.acint.net/oci/ 43 B
224 B 184ms
183ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/oci/?v=0.7.0&uid=f5aa44ee-877b-4856-9255-0bc4973e207f&dp=14&tz=-10%3A00&nc=011515&aid=0A00007FB291B1659E00F3B20269D48E&oid=9ac3a2d97c312cb4045a1bb0d443b0bc
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:47 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 187ms
180ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=5291.13499.161201908.0.0.0&sid=65b191b1-f3f7-d0qg-unds-7i403aph66hy&aid=0A00007FB291B1659E00F3B20269D48E&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1706135988
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:47 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
DATA 200
OK truncated
/ 612 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74dcd398eafd7dbc3d07b76625839f63f464de97b26adca97ac30883cf79b0d9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 190ms
185ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A13499%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=65b191b1-f3f7-d0qg-unds-7i403aph66hy&aid=0A00007FB291B1659E00F3B20269D48E&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1706135988
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:47 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 187ms
182ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A13499%2C%22ev%22%3A%22stub%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=65b191b1-f3f7-d0qg-unds-7i403aph66hy&aid=0A00007FB291B1659E00F3B20269D48E&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1706135988
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:47 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 186ms
183ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=5291.692898.164073619.0.0.0&sid=65b191b1-f3f7-d0qg-unds-7i403aph66hy&aid=0A00007FB291B1659E00F3B20269D48E&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1706135988
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:47 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 190ms
188ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A692898%2C%22ev%22%3A%22stub%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=65b191b1-f3f7-d0qg-unds-7i403aph66hy&aid=0A00007FB291B1659E00F3B20269D48E&ref=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&r=1706135988
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:47 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 12D5 0
0 139ms
131ms Fetch
image/gif 142.251.40.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst6ubG_RGvB4jxqMgLnSnDigJ8A3r33iLG4vTqDs5kWsec_y6flliP9mSrn5Wr6IxwB9_jhHBK-vI3ED2oki9HZP6_WDB611RWrxurssyzSrNPEVNUDJTvVA5JmSFx1pc4K9ZBDzSeHvEHZ7m7PVag6qzI4YoBjeqshkqFp3W82rlq56O5hHyPmQfZgm3w2nvy7ft3zVf41Rcc8TwKnvojR-ST2zd_PIvr1epiZD_9F2V_ZaTKmScIsvXa4FaFXgtozwoD4_vv6V2fFl6hoe8HagyQmTiethFIn8PCufPQm-sNV5bB7kI9iXYIjbR8CW8BuSBJBKVntuUrYFb267GwEFvLg6mXBXUuPFLxbZv7wON9c5vOfrw-TkckGA4hZEtSjlbSz_51IjAJn8nk_ugiRUatHIDPi74klr1siXR2Ensc6Yy1bE48h8UFXQqMLpBGA3UlzA55ZKR_BHuLBErk43WtBWkAK1TxppwN6dcDxQkGQxVUH78_Sl8GFovb2RDvkMVkCORwdMIeRL9tzM5w77cE0IztxroK7hNvQpAjz6WGkeN2ZEsKohoKB-JX9pp_9OwAGPcm1mWlizPI4qDk4mLx_V9cru7wlkgEQ5GoGsVXKX3GiNg778MaQgDMKORGZE3y1phF9gnrC4Kqim3WyscWVuX9U-J1VwlfFCnUb0ikxXXnoSHG4V_5aGdawKgFJK5KHo2wXD6_DLUlr7eqEZVyKw3yoo-F-srFS8htiByMgQ6B3JJj_SIlOG0IfHt2aPH_s-x6FfX9jDdGoTznaizuPM68265BW2HVhJtejvO9tsCnd8C4Ozev7vXCMT1yY3ypmnLApsaOolL4AyRnCK6B7GTfeUkgN1IPGR2sPteSwK_gjfKTCvlPPXSiHyVR1LGoImp0LxFuTicBDoZTLpy4zvypbD8clOzV80nRKAOkB8_-liAyO_Jf1Uwa7n7RDL97r2NlnX4fvOPWx-p56OVSRXkOi5alIuV5xuQpispj3YjQKqRg50Yeu-bF9DPxuVBKHE1F154wUL_FQNNsvTMlEuZt3gYghLUGSJI-oBrA5gP6HYh8wVT4Gg1g3A8gE77ltHGsuE-GX60V-gztnPObTJXvwYmDcCy2fpGAXKNann4MFJLw6j1FXMyKYJFJ528RlAWupQQtPBkfsERGAJ2tM7zZ5EoDBIIeeKcQvTVqJy_fMVWoj4xhayVPdDYNQgcgvrjZtgzIZ7EVc8nOULpOnQK8svwyg_-nlLA69d9Q942Mra6BIOnLI0DBA-rwVtyYe5niD9s8mHWoBACaGdg2bp1-p_9r0btCOyYMDOxSa-q3VAT8Ba7fKVmrhxONZLkiUNk-eYwpOadM&sai=AMfl-YTWPEQ6upHp8W0QEKvoOFOnzA_JWGdL1HOp95W9g9cj1ZSVaFmQiwtEHy7lZMdlBhFgZCkb33j_2Dy0p5Z1h89QkbdEf9NpIN154o75KGYMQwghWiNVQ78YloBtcdqSdojE8sTh86bnfH6VVQNj1PO2JizndHgPMPI3Hp1HF9U2dzImMQstD5vBC9t6LlMi-weLvBY8T7HUG6mNTQAikPUK12JNMiKY5nEn6DDUDjPHUvTklmK3vZwu7DpdUS3FV8RG50PckqFaMI7n8KDtgttWjcupjgbYJIm7JVqtSsKRPl5hXzxmD6TSphqT7BiXLXHbYR9IpgH7xpM9xf8uKOc4XJ57NPAcsee0mQM6XH5WNNp1VHwjE_ov_BgNlH9rYwOHLAyeg2b6rP_5CMWLyLTac_rFIB-mwJxEWLIDvCA4CF3QnFXzPs91i4xiR8itfaUMnAG1pKNOqnaEtLUx22dfSthvdnBzvuXC25OqqOazS_HrV-eKbzAjFXBiNOGavA0JDuerOM1k&sig=Cg0ArKJSzHY_v7Iq5crAEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYWRpc3NvbmhvdGVscy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1246&vt=11&dtpt=814&dett=3&cstd=421&cisv=r20240122.72177&arae=0&ftch=1&adurl=

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2223 17 KB
6 KB 87ms
86ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Jan 2024 22:39:47 GMT

GET
H3 200 button.png
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 309 B
346 B 68ms
66ms Image
image/png 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/button.png

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

877114c35f4d21070e2cd28451a515493963cf7f5e8dc3a4ddb7e23b06f39c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Mon, 20 Jan 2025 19:10:50 GMT
date: Sun, 21 Jan 2024 19:10:50 GMT
x-content-type-options: nosniff
age: 271737
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 newlogos_160x600.png
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 15 KB
15 KB 73ms
72ms Image
image/png 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/newlogos_160x600.png

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

641b55af74c429c254e1e294d83d3f9f6fdb3f4d18396635e0bf2720564b8e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:25:57 GMT
date: Fri, 19 Jan 2024 13:25:57 GMT
x-content-type-options: nosniff
age: 465230
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15830
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 43882346_20231027051857476_Christmas%20Markets%202023_Amsterdam_DCO_160x600.jpg
s0.2mdn.net/ads/richmedia/studio/43882346/ Frame 2223 54 KB
54 KB 68ms
67ms Image
image/jpeg 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/43882346/43882346_20231027051857476_Christmas%20Markets%202023_Amsterdam_DCO_160x600.jpg

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019583688f35960e784dc4e214047f401ceede5d2a1e830e1945c63d1cada80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 03:00:04 GMT
x-content-type-options: nosniff
age: 70783
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55047
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 12:18:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Jan 2024 03:00:04 GMT

GET
H3 200 1200x628_RH-Radisson-Hotels_RGB-GREY.png
s0.2mdn.net/sadbundle/11194205196432666429/ Frame 2223 30 KB
30 KB 71ms
70ms Image
image/png 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11194205196432666429/1200x628_RH-Radisson-Hotels_RGB-GREY.png

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11194205196432666429/index.html?e=69&leftOffset=0&topOffset=0&c=Zt7YHv1bC9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:22:42 GMT
date: Fri, 19 Jan 2024 13:22:42 GMT
x-content-type-options: nosniff
age: 465425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30313
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:45:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 024E 16 KB
16 KB 394ms
393ms Script
application/javascript 185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=662589116370078
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5e740b4c722831d9a6451a42a01ca2541e1a0c2af5718703a89bc9823c16099a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:50 GMT
Last-Modified: Wed, 24 Jan 2024 22:34:19 GMT
Server: nginx
ETag: "65b1906b-3e23"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15907

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5AAF 39 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 20:07:57 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 2CB5 0
54 B 170ms
141ms Ping
image/gif 2a00:1450:4007:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=3~lrsdbdan&c=3325602368497&slotId=1662801184248.5&qqid=COiujeuL94MDFVne5wMdGRIMwA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 2CB5 41 KB
15 KB 67ms
67ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:24:45 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-q4fl6n6r.c.2mdn.net/videoplayback/id/7257b5c3ff439ecb/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3834658814/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 2CB5
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/7257b5c3ff439ecb/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3834658814/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
https://r3---sn-q4fl6n6r.c.2mdn.net/videoplayback/id/7257b5c3ff439ecb/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3834658814/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

232ms
65ms

Fetch
video/mp4

2607:f8b0:4000:19::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-q4fl6n6r.c.2mdn.net/videoplayback/id/7257b5c3ff439ecb/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3834658814/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5EF24A9A3870A6C899725B7E93AA928BC5A0D0FB.0387C069DFB7A161F6BBF379AED2AFC26B3D0E2C/key/cms1/cms_redirect/yes/mh/zk/mip/2001:550:1d05:1::4/mm/42/mn/sn-q4fl6n6r/ms/onc/mt/1706135566/mv/m/mvi/3/pl/48/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Server

2607:f8b0:4000:19::8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 22:39:48 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4210387
Last-Modified: Mon, 24 Jul 2023 14:57:20 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 24 Jan 2024 22:39:48 GMT

Redirect headers

date: Wed, 24 Jan 2024 22:39:47 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 647
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r3---sn-q4fl6n6r.c.2mdn.net/videoplayback/id/7257b5c3ff439ecb/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3834658814/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5EF24A9A3870A6C899725B7E93AA928BC5A0D0FB.0387C069DFB7A161F6BBF379AED2AFC26B3D0E2C/key/cms1/cms_redirect/yes/mh/zk/mip/2001:550:1d05:1::4/mm/42/mn/sn-q4fl6n6r/ms/onc/mt/1706135566/mv/m/mvi/3/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 2CB5 0
54 B 158ms
141ms Ping
image/gif 2a00:1450:4007:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=4~lrsdbdhz&c=3325602368497&slotId=1662801184248.5&qqid=COiujeuL94MDFVne5wMdGRIMwA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2042&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1cw~atrd.1d1~videopreviewvisible.1d2&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 2CB5 453 B
585 B 78ms
76ms Image
image/png 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-5035092129732437

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Wed, 24 Jan 2024 23:29:47 GMT

GET
H3 200 P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js Show response
pagead2.googlesyndication.com/bg/ Frame 019E 51 KB
19 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 20:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19859
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 20:20:18 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10258.PXiUfo0RVx4LfVgB8M6IEa4_XoYt2RpGSTLY7bPcyuX1oH39mDrnwyQ1VOaaEANh.xvucDZzPHJICtbOINX_xVugL7sQ%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10258.HGn5Rc9d3r2bMgsCOPDkfTOjRYkDvtWFutNEYM7nj0e15IgbLFnyt-x6PhxSxjYphxRCVKQe5Xfes4U-YTwUbdGLcgIIV42oc6emNaVo8_kCVMy-tDvn5PzLbnZtR2pXDXe1DAQ8ga...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10258.KbWWquiE2eYuh73xCHdc5mQyky4pM0BfGX65vj59ekM6rGCVTdm_A-onSJAtGcbc-7oA5VHlAScra4k3nu1E-fO1K_OgTodn7_M27iqaM820U...

43 B
583 B

182ms
181ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10258.KbWWquiE2eYuh73xCHdc5mQyky4pM0BfGX65vj59ekM6rGCVTdm_A-onSJAtGcbc-7oA5VHlAScra4k3nu1E-fO1K_OgTodn7_M27iqaM820U3uxftwVdoW1zETLyCBkxS9GXw5OT0AOYpg1XIGN4Xet7rT2g9i0d_lKUhH41eh-8RZR9lYjnWxSRL11_8vuHTz9XPTuNRvX8YDksyEDtw%2C%2C.9nfOQyKt-xTIiIp64e0bMuRuP7w%2C

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:48 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10258.KbWWquiE2eYuh73xCHdc5mQyky4pM0BfGX65vj59ekM6rGCVTdm_A-onSJAtGcbc-7oA5VHlAScra4k3nu1E-fO1K_OgTodn7_M27iqaM820U3uxftwVdoW1zETLyCBkxS9GXw5OT0AOYpg1XIGN4Xet7rT2g9i0d_lKUhH41eh-8RZR9lYjnWxSRL11_8vuHTz9XPTuNRvX8YDksyEDtw%2C%2C.9nfOQyKt-xTIiIp64e0bMuRuP7w%2C
date: Wed, 24 Jan 2024 22:39:48 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
549 B 230ms
227ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 18 Jan 2024 16:14:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65a94e6e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 24 Jan 2024 23:39:48 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 4236 23 KB
8 KB 74ms
73ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 466030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 13:12:37 GMT
expires: Sat, 18 Jan 2025 13:12:37 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 12D5 42 B
64 B 98ms
98ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5L62UKPcLV2gc4IvN5CJu-Ta9R2tCUI2p_-o1yWJWj8w1t6u8GhA1p70OsSvEk4dF_nJfO0TTiCwF4npHIXCwqyBXf2YXuVLccHtA7USoAPu7zcucjO7u7waCUFbacKBx4aX7bpVPufYZkKF04rAeNIkg&sai=AMfl-YTF9iyjZ9JcgSFCGMfQ8ZMZQeQG4auZ4j4A5GqqaFjjShwvk37nUiiPZ6yKfv6a_r5VXsH-9FDQEQ4IUbBJGg73x2_5jfFXhB3gVVqSqqgfMGwXFgIJ8glTQeuBI0DaIsSOGKbAFi_GloJRLP34rA&sig=Cg0ArKJSzDTfRQg3uRomEAE&cid=CAQSTwAvHhf_1gWx7QvJN0A7XIcYR3d1z1PrPDJZFlQo2_rVgkcvw7qSUB0UpchoQIpyvUZDCPu2nw6rsmjG0IGzal1KAi_WNnSnRpXJmq0TrlsYAQ&id=lidar2&mcvt=1018&p=0,0,600,160&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1460880071&rs=2&la=0&cr=0&vs=4&r=v&rst=1706135985160&rpt=1714&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2CB5 0
0 101ms
101ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHGc7spGxZeiNBNm8n88PmaSwgAzw1tmNaa2d75rHEeWP_MIDEAEgs7OMJWDJhoCA3KPEEKAB_u62uQLIAQWoAwGqBOYBT9A40UFeglGDFbr6x9cSI-gW3A1GD36B0Dpm0Wv-xGKXCUYzsGSXnjbAw34lG8XSePm4SGqPdDtaLCudW8bgZc1aT3bynn9ny8kQCgiJhmdLemTVrJ3uluXDF-NhRKNZE64KILyd-sFqpm8MKAWs1Ty9GTORTChg2GLv-PW0hWURIBsEYZdbwWYailUGBox9L5CQrBLmSta96GPtRNGbj8AGKZ-nji7Z51NsnDN0iGbFc9viUNLVAMtprwOjTIK7AkVS56fpGIC1jUfmZ557uJAtYR7C7oL7ueRDVpIdTqNBWduJXcrABJbInrexA-AEA4gFrtrg6S2SBQYIAxABGAGSBQYIGxABGAGSBQoIIhABGAFI-JB7kgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAfqkMnGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEKqpGBjvjNTxAdIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYjIqL64v3gwOACgHICwGiDAgqBgoErLqxAtoMEAoKELDd5Neh08SOExICAQOwE9jfiRbIE9WutwnYEwqIFATYFAHQFQGAFwGyFxwKGggAEhRwdWItNTAzNTA5MjEyOTczMjQzNxgA6BcF&sigh=wyPuellcRHQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_mPS07yKUeXPa-Dt2ugts-m9ATtUvHX0Y7ww1_BeHqMqXrY74IkDkhYbC9GCxi8BTVcuETlPbIdGIgg8vMwxt2MaNubbBL3YpIK4YAQ&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 Jan 2024 22:39:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4236 39 KB
15 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 20:07:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4236 0
20 B 97ms
97ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BJqCVs5GxZf-CKKK4nboPr4e14AMAAAAAOAHgBAI&bg=!paalpunNAAa8BdJLnAU7ADQBe5WfOPiDoUVSi0RoNQm0DlZyDhqTc-Y2W3UWTe9CO-FOWQrRJjBpLG42oJomrmjiH6VuAgAAAGVSAAAAAmgBB5kC8UtwWa81eO7hVW7VVR_znlCjzPcKbiHL-bGf-TA_fyeekEI8SLmxaXXTAmkQ6GDUsnSMEryGaxMiaOv3bhYy69Eur_AUcP9kNGdAcz5-i6bJkxr-CU-JtERrB1uSkgjm2YwWRCc8O9vIyqStbplMRqH_3J3aP4k7mBEEVqYeW8UdJXGM8pV36FFnqZO2pPJteCj6qjCUcvuQAQJ8fLJILH6tfB-fPUjRz7rPLFwJ5UPacx9lN3pb9ACK46SXQZVlhWsmI2YxDKtVwphK0QY2zWd7WPho_wmirvQjmfZuugyGpcjO_xfnh-HICyC2POj8j48Fld3jTRME8pK_GRnHjK062o4jm-Fz3yt6olDUJYfAqjkygSZtB2krX18S9gwnajannuE0zqj1HoWIm7LBtzTTB4h_j9qMNS7SuOMJefbB4kuaS9g3adLHleM-oAcs63g0WQoLuARLPNtCTOV2WNoSq2DzgxJuZUEpY6uehgon8Ms6Xs4G3Hs0Mxosos78kyT04HBQgNkBcCa7bjTf3BQcMNXegfOD3SvwY9PgLYltL71AQHZ6NYYX69Yi-3BZmaLcSGh-JpMZwsMU5KVSP1PQdbKsSEQC6M_lIGORP_FnVXaQW1tfPGUBASiAZaPxRoYEaw8_ogbsp7wiemn3Ca6giUV_TNrAZZA8v4PZTBFQqSynr3f8Y7ynyX-hnlE1p1svhiUXJZuUTxD6oZxr2XbkIjperU1nMTHjmh6CZWUkg3uTJPa1lyrHMG3qAGY_JWBikQaLszzQ0YhNTMVL8ER1ZXw3FYPgLd0Hxj-g3TdsjN_kfS9bZaJoNw85xFEUEryqx9zdCBnujvqwVpKR4X8hYhVZv3TqeyQEz-ahKbbDXhhoJ7wfgLf94NPC06IMRRI7j1KdLCEb6opBb3q0ZfTYp_Gel60UcSuNQAY8fishdyS9Z0bHJho6PzWtpCAVWcC7mOge19g9GCHJUpMkibBdmjfXRltTJSRZviCRE_iUSg

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r3---sn-q4fl6n6r.c.2mdn.net/videoplayback/id/7257b5c3ff439ecb/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3834658814/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 2CB5 4 MB
4 MB 140ms
72ms Media
video/mp4 2607:f8b0:4000:19::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4000:19::8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e84f9d215aef304b54560e5912507aa5de744a345ba1d9324a5bf95af7eaf526

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 24 Jan 2024 22:39:48 GMT
date: Wed, 24 Jan 2024 22:39:48 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4210386/4210387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4210387
last-modified: Mon, 24 Jul 2023 14:57:20 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H2

200

1 Show response
mc.yandex.com/watch/91568614/
Redirect Chain

https://mc.yandex.com/watch/91568614?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2265b191b1-f3f7-d0qg-unds-7i403aph66hy%22%7D&uah=che...
https://mc.yandex.com/watch/91568614/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2265b191b1-f3f7-d0qg-unds-7i403aph66hy%22%7D&uah=c...

447 B
483 B

184ms
183ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/91568614/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2265b191b1-f3f7-d0qg-unds-7i403aph66hy%22%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1211%3Acn%3A2%3Adp%3A0%3Als%3A1154240366434%3Ahid%3A668940914%3Az%3A-600%3Ai%3A20240124123947%3Aet%3A1706135988%3Ac%3A1%3Arn%3A655998596%3Arqn%3A1%3Au%3A1706135988534965636%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A254%2C139%2C318%2C278%2C869%2C0%2C%2C1750%2C25%2C%2C%2C%2C3608%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706135982346%3Afp%3A2062%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706135989%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9ac53bb2cfdd53aaa5b0aed2c06b9343b84108d14a615d9f802ceafbea63c1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 24-Jan-2024 22:39:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.paladiny.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 24-Jan-2024 22:39:48 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:48 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 24-Jan-2024 22:39:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/91568614/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2265b191b1-f3f7-d0qg-unds-7i403aph66hy%22%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1211%3Acn%3A2%3Adp%3A0%3Als%3A1154240366434%3Ahid%3A668940914%3Az%3A-600%3Ai%3A20240124123947%3Aet%3A1706135988%3Ac%3A1%3Arn%3A655998596%3Arqn%3A1%3Au%3A1706135988534965636%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A254%2C139%2C318%2C278%2C869%2C0%2C%2C1750%2C25%2C%2C%2C%2C3608%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706135982346%3Afp%3A2062%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706135989%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: http://www.paladiny.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 24-Jan-2024 22:39:48 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/71281900/
Redirect Chain

https://mc.yandex.com/watch/71281900?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9...
https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnln...

440 B
532 B

186ms
185ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A659436714695%3Ahid%3A668940914%3Az%3A-600%3Ai%3A20240124123947%3Aet%3A1706135988%3Ac%3A1%3Arn%3A852772063%3Arqn%3A1%3Au%3A1706135988534965636%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A254%2C139%2C318%2C278%2C869%2C0%2C%2C1750%2C25%2C%2C%2C%2C3608%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706135982346%3Afp%3A2062%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706135989%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

60164a4d15f633baa04ddf270057251bc051884127ccf98bf430635cafc4eb93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 24-Jan-2024 22:39:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.paladiny.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 440
x-xss-protection: 1; mode=block
expires: Wed, 24-Jan-2024 22:39:48 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:48 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 24-Jan-2024 22:39:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Findex.dwar.php&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A659436714695%3Ahid%3A668940914%3Az%3A-600%3Ai%3A20240124123947%3Aet%3A1706135988%3Ac%3A1%3Arn%3A852772063%3Arqn%3A1%3Au%3A1706135988534965636%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A254%2C139%2C318%2C278%2C869%2C0%2C%2C1750%2C25%2C%2C%2C%2C3608%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706135982346%3Afp%3A2062%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706135989%3At%3A%D0%9E%D1%80%D0%B4%D0%B5%D0%BD%20%D0%9F%D0%B0%D0%BB%D0%B0%D0%B4%D0%B8%D0%BD%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: http://www.paladiny.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 24-Jan-2024 22:39:48 GMT

GET
H2 200 dc_oe=ChMIv6ju64v3gwMVIlxHAR2vQw08EAAYACCipKJdOhkI-I_4xgEQlsiet7EDGNWutwkgrZ3vmscRQhMI6K6N64v3gwMVWd7nAx0ZEgzA;dc_rmcid=CAQSTwAvHhf_mPS07yKUeXPa-Dt2ugts-m9ATtUvHX0Y7ww1_BeHqMqXrY74IkDkhYbC9GCxi8BTV...
ade.googlesyndication.com/ddm/activity/ Frame 2CB5 42 B
401 B 306ms
137ms Image
image/gif 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIv6ju64v3gwMVIlxHAR2vQw08EAAYACCipKJdOhkI-I_4xgEQlsiet7EDGNWutwkgrZ3vmscRQhMI6K6N64v3gwMVWd7nAx0ZEgzA;dc_rmcid=CAQSTwAvHhf_mPS07yKUeXPa-Dt2ugts-m9ATtUvHX0Y7ww1_BeHqMqXrY74IkDkhYbC9GCxi8BTVcuETlPbIdGIgg8vMwxt2MaNubbBL3YpIK4YAQ;eps=CIBhEAEYHzICigI6BIBAgEBIvf3BOliMiovri_eDAw;met=1;acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D687561445%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1706135988683;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 2CB5 42 B
64 B 98ms
90ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxMv6spGxZeiNBNm8n88PmaSwgAzw1tmNaa2d75rHEeWP_MIDEAEgs7OMJWDJhoCA3KPEEKAB_u62uQLIAQWoAwHIA5sEqgTpAU_QONFBXoJRgxW6-sfXEiPoFtwNRg9-gdA6ZtFr_sRilwlGM7Bkl542wMN-JRvF0nj5uEhqj3Q7WiwrnVvG4GXNWk928p5_Z8vJEAoIiYZnS3pk1ayd7pblwxfjYUSjWROuCiC8nfrBaqZvDCgFrNU8vRkzkUwoYNhi7_j1tIVlESAbBGGXW8FmGopVBgaMfS-QkKwS5krWvehj7UTRm4_ABimfp4522H2m_w515g-MCE8ULywrOm86hvHpGCBRKB5jWGOuwAB0Qi4rNf4GVJaI6IrprR9PUa_IW9NNyHJsef84WnIFfHbJwASWyJ63sQPgBAOIBa7a4OktkAYBoAZOgAfqkMnGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WIyKi-uL94MDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJVU7AT2N-JFsgT1a63CdgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=TtT4-3mW0Eo&label=part2viewed&ad_mt=6&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D687561445%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1706135988683

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2CB5 0
557 B 303ms
143ms Image
image/gif 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstTp9g0T0vDqnyi3TmBHTr5O_6H83RuN_hCFnHfcNEWTZaBrrIgeHHXuUbqNv_SBOhLvbWl6TORy9w_36qikgqMV5BO1EtExXQpLFayBvRjsjPE5PLQsRArlBAdx5jSAjg8_lVkdMKzcHSSFnWNuUAm76R3or3jdy6p-S5iKpHceRF53VLUZ4ma_Ab_QXb5NHfqolMZn2Uj46LyUTOO6nXdWWR1RXr6VAotuu7yTjx2kdOxzEgNqmqBtstnlRCZapV0-odPrFfLqUYA52HXRBFIrsn60j2d7y93MrDTgBX9nBD3joxdCIuYajkc_1D4brwTOhM4bCivBTEqhvAhboVIgNEJ5N-Mtus6JQTgx9BomGsMvNPneRvg5Ie4C1VGZeYR8_ccM1mnhuL5B4ITCysSE6zi0q_MwC5lQCnnqw8UFujTDL_Gl08wsrjAzDJP5XLIWL5ZsNulvrUk3S3AapMcYn_gZsfaHZZKzYfLR_eQXNoSUWV0OnbsEZneuUKLE2NN9qvJZGXb0eVnzPUVkl3ezyQ6AhfVCaqsivePm59hTgT2yIBMOLm4kaw6DFXTX3uXYXA2x5Mt8CCJGoh21MOYRLsarTLgvGgIup97iZLg-7228yBtYVlh3Azt0O5V6VbfSw2MvkUWx7u90eXubu9VVnQ24tTHrmHRqKnbpncZ9uuZjcXXz-OOO9cKZZOZ-PBfnp9R6uUlS_CwrTHyA2IxmO8GnXzR9hrZRYFc8C2ApcasLrPnB4mtC43fiY1QDvh-GlhJbwaaVE0wEBmqbwrrrrN2mXXNMaBXt-voDPM53dmlxqsHyT-Ahx2H9VRmzcNn_SlJRn_xhhho_FEVkRSKrlFM3aECsYqD1lmnPw-lSdn979WJz6yPG7HeCBVi5MLUPVS9qtr72yvv0N4wdKqksVq28-NbdEUy2wKmgYqS2C5NGETRpB_Hsw7twQ-ud_rWhnvteG3ThBjlm25uuI19PNiYn6Pm_umbZqol8ZawD0H0WYEOQ2WqK-A9CpukQj5n5KXKh1Du1g3r_Y35kuInhdMOqzSsNYJXZu9-68CxZ6P8ceSa7Tld0_unWQ9dMx5v2s3CMcFe-1-G2KJkSlO5YvlOh6Xty-htpRbadH7Fa1nSzEffqNzCksmcAc4ESFmoJApSCkJjEa6gDOyQyoI7YCXixU4PbQRp3aErwJI-ASxWcMUR58YohZe_1S6CZtxPyazcYiNOHQb3IsOeWhlZJtzYQfaxWp4P3RhYvP1V6a-I_gyiJTxWNaL_05TI9n9s9stbpkJID0j3dXQLObBDAziUIitax-8degDFWI81cQ&sai=AMfl-YTYcpgpfx6GAyrFmhMCPsTCvGQzkLuBlEWjjmfmn38_1OaDwyaSOY5OnuYf4MnfmjSDnGuTGWQKMcVPCbM-4uL-JckLGgL_UkTmF1qWr0sNmYkRREGgyDixep3xu3LPpSxZPN72vhI5tZBxdwsTzKiLKGsRVhPynqGtZUVl25PWrvWw6FttgvGu656A8WkXNepGemAWnpHa8rXTEO2yfCX-Ga_MjZKtFZlMaP2wSRQ8RX6dhjK8lNbZF2gqK_VC6s_Q_RGHqc6afeLH9YUVP9RR20iGqy-srxgkw-HLxUKG6WhpyJCu_TAlwZ4azUCXcA&sig=Cg0ArKJSzEJm1SDX044BEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 Jan 2024 22:39:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 /
d.agkn.com/pixel/10690/ Frame 2CB5 43 B
615 B 344ms
93ms Image
image/gif 2600:9000:215f:7e00:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/10690/?che=1464259274&cmid=30251974&sid=6031710&pid=372400212&cgid=562982364&cid=195596834&aid=9902108&gdpr=&gdpr_consent=
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:7e00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:48 GMT
via: 1.1 77f3bc2c9964f50671e7151896d06648.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: k9SFltvucUfa0i6h41mDFVBS_Z2ZQPKqnqs7lJMRwQQ-hdvPRvAZZw==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2CB5
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP651wIQprvuAhjvjNTxASABMAE&v=APEucNXTK9dYnE8Sm1cdf8q1OKfD_tTjMJoezo9plKWzf9a318AV2ndNrbHdfEY5Azysni0O4_DKn8yuaNHF1hH4GcNPcXygKAn49vZ5hixkIpYzj9QHdJM
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbGRslXZy2R5OSgZR8hWRAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOefuDp4R6g1ta8ZOyMV_Y&google_cver=1

43 B
730 B

77ms
77ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOefuDp4R6g1ta8ZOyMV_Y&google_cver=1
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D72m65LaatqaO9rxpJfLTNvaGaEOy0icgc0M7PdHrRGO%2BNl8daHRgDbsXNdF2rFTlUonDgLdcuTaDfnFVtEUGUMXy1nCRCX0%2B7W1YXUGVgjmogCJaTp8w2CwNFjCarPr7i3aYeSWG7wCOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84abc64b5d26498e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOefuDp4R6g1ta8ZOyMV_Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CB5 0
20 B 101ms
95ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2CB5 42 B
64 B 107ms
100ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutTfyW66mdxpWlwVXL1_emGeT3Bhbn7tA-kiANMHo71V3TYPBwPu2w3QyaUoa0_JnvuMAuV3yCtt-OmRyMtQk4Mwe1KBAFnkMfUxftEDLMBmSnobJ0pRdWpufPQp8Br3aSSnhNBC7-FgfHOgpnkBuzcSWe&sai=AMfl-YT6eelF3aUf4cfeiu3Fo2MAH84P2qtNp2ozAhpNxgpAI_bvrDpUrAvm4i6Gjs3zUh4l6ib_SKm8c0sTowvD2ksY2ZrQMQBXGs1f2IDraldt4GpyMqRu2Y5_WL4UgQAO8lCRX4rinU_LpMd7cVkxeA&sig=Cg0ArKJSzEyhU0S42tSZEAE&cid=CAQSTwAvHhf_mPS07yKUeXPa-Dt2ugts-m9ATtUvHX0Y7ww1_BeHqMqXrY74IkDkhYbC9GCxi8BTVcuETlPbIdGIgg8vMwxt2MaNubbBL3YpIK4YAQ&id=lidarv&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D687561445%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1706135988683&avm=1

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 2CB5 42 B
64 B 94ms
90ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxMv6spGxZeiNBNm8n88PmaSwgAzw1tmNaa2d75rHEeWP_MIDEAEgs7OMJWDJhoCA3KPEEKAB_u62uQLIAQWoAwHIA5sEqgTpAU_QONFBXoJRgxW6-sfXEiPoFtwNRg9-gdA6ZtFr_sRilwlGM7Bkl542wMN-JRvF0nj5uEhqj3Q7WiwrnVvG4GXNWk928p5_Z8vJEAoIiYZnS3pk1ayd7pblwxfjYUSjWROuCiC8nfrBaqZvDCgFrNU8vRkzkUwoYNhi7_j1tIVlESAbBGGXW8FmGopVBgaMfS-QkKwS5krWvehj7UTRm4_ABimfp4522H2m_w515g-MCE8ULywrOm86hvHpGCBRKB5jWGOuwAB0Qi4rNf4GVJaI6IrprR9PUa_IW9NNyHJsef84WnIFfHbJwASWyJ63sQPgBAOIBa7a4OktkAYBoAZOgAfqkMnGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WIyKi-uL94MDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJVU7AT2N-JFsgT1a63CdgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=TtT4-3mW0Eo&label=vast_creativeview&ad_mt=6&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D6%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D687561445%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1706135988683

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 2CB5 0
54 B 144ms
140ms Ping
image/gif 2a00:1450:4007:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=5~lrsdbdi7&c=3325602368497&slotId=1662801184248.5&qqid=COiujeuL94MDFVne5wMdGRIMwA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2042&mt=video%2Fmp4&vs=1280x720&dm=15000&ple=0&umsem=0&event_name=first_play&asset_bytes=200570&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.234~ff.23n~videopreviewstarted.23p
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 2CB5 0
17 B 145ms
144ms Ping
image/gif 2a00:1450:4007:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=6~lrsdbe8v&c=3325602368497&slotId=1662801184248.5&qqid=COiujeuL94MDFVne5wMdGRIMwA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2042&mt=video%2Fmp4&vs=1280x720&dm=15000&met.4=vfl.2c6
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 184ms
183ms Image
image/gif 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.7.0&uid=f5aa44ee-877b-4856-9255-0bc4973e207f&dp=14&tz=-10%3A00&nc=554191&aid=0A00007FB291B1659E00F3B20269D48E&dT=2024-01-24T12%3A39%3A49.884
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 24 Jan 2024 22:39:49 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

counter
top-fwz1.mail.ru/ Frame 024E
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=116251824981742.481683917085948&a=77&e=0A00007FB291B1659E00F3B20269D48E&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0A00007FB291B1659E00F3B20269D48E.sy...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1706135990843&i=116251824981742.481683917085948&a=77&e=0A00007FB291B1659E00F3B20269D48E&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss...
https://top-fwz1.mail.ru/counter?id=3210372;pid=BSSjZai9676COO775dp7

43 B
875 B

177ms
177ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=BSSjZai9676COO775dp7

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:51 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Wed, 24 Jan 2024 22:39:51 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=BSSjZai9676COO775dp7
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

counter
top-fwz1.mail.ru/ Frame 024E
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=116251824981742.432250919526759&a=77&e=0A00007FB291B1659E00F3B20269D48E&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0A00007FB291B1659E00F3B20269D48E.sy...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1706135990854&i=116251824981742.432250919526759&a=77&e=0A00007FB291B1659E00F3B20269D48E&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss...
https://top-fwz1.mail.ru/counter?id=3210372;pid=P4AxTJn9YZGmcav7AsZ4

43 B
875 B

179ms
176ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=P4AxTJn9YZGmcav7AsZ4

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&aid=0A00007FB291B1659E00F3B20269D48E

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:51 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Wed, 24 Jan 2024 22:39:51 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=P4AxTJn9YZGmcav7AsZ4
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2CB5 42 B
64 B 98ms
97ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutTfyW66mdxpWlwVXL1_emGeT3Bhbn7tA-kiANMHo71V3TYPBwPu2w3QyaUoa0_JnvuMAuV3yCtt-OmRyMtQk4Mwe1KBAFnkMfUxftEDLMBmSnobJ0pRdWpufPQp8Br3aSSnhNBC7-FgfHOgpnkBuzcSWe&sai=AMfl-YT6eelF3aUf4cfeiu3Fo2MAH84P2qtNp2ozAhpNxgpAI_bvrDpUrAvm4i6Gjs3zUh4l6ib_SKm8c0sTowvD2ksY2ZrQMQBXGs1f2IDraldt4GpyMqRu2Y5_WL4UgQAO8lCRX4rinU_LpMd7cVkxeA&sig=Cg0ArKJSzEyhU0S42tSZEAE&cid=CAQSTwAvHhf_mPS07yKUeXPa-Dt2ugts-m9ATtUvHX0Y7ww1_BeHqMqXrY74IkDkhYbC9GCxi8BTVcuETlPbIdGIgg8vMwxt2MaNubbBL3YpIK4YAQ&id=lidarv&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D2009,0,0,0,0%26mtos%3D2009,2009,2009,2009,2009%26amtos%3D0,0,0,0,0%26mcvt%3D2009%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2250%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D281%26dur%3D15018%26vmtime%3D2256%26dtos%3D2009%26dtoss%3D1%26dvs%3D2009%26dfvs%3D2009%26dvpt%3D2250%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D687561445%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2009&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1706135988683

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/index.dwar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 94ms
94ms XHR
application/json 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080643

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5770ac6ebb197022df1b2e3450436114f3d7829b24fc347f2a8057eea88d8fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12203
x-xss-protection: 0

GET
H2 200 dc_oe=ChMIv6ju64v3gwMVIlxHAR2vQw08EAAYACCipKJdOhkI-I_4xgEQlsiet7EDGNWutwkgrZ3vmscRQhMI6K6N64v3gwMVWd7nAx0ZEgzA;dc_rmcid=CAQSTwAvHhf_mPS07yKUeXPa-Dt2ugts-m9ATtUvHX0Y7ww1_BeHqMqXrY74IkDkhYbC9GCxi8BTV...
ade.googlesyndication.com/ddm/activity/ Frame 2CB5 42 B
107 B 138ms
137ms Image
image/gif 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIv6ju64v3gwMVIlxHAR2vQw08EAAYACCipKJdOhkI-I_4xgEQlsiet7EDGNWutwkgrZ3vmscRQhMI6K6N64v3gwMVWd7nAx0ZEgzA;dc_rmcid=CAQSTwAvHhf_mPS07yKUeXPa-Dt2ugts-m9ATtUvHX0Y7ww1_BeHqMqXrY74IkDkhYbC9GCxi8BTVcuETlPbIdGIgg8vMwxt2MaNubbBL3YpIK4YAQ;eps=CIBhEAEYHzICigI6BIBAgEBIvf3BOliMiovri_eDAw;met=1;acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D3553,0,0,0,0%26mtos%3D3553,3553,3553,3553,3553%26amtos%3D0,0,0,0,0%26mcvt%3D3553%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3794%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D46%26pst%3D281%26dur%3D15018%26vmtime%3D3806%26dtos%3D1544%26dtoss%3D2%26dvs%3D1544%26dfvs%3D1544%26dvpt%3D1544%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3553,3553,3553,3553,3553%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D687561445%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3553;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1706135988683;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 2CB5 42 B
64 B 92ms
91ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxMv6spGxZeiNBNm8n88PmaSwgAzw1tmNaa2d75rHEeWP_MIDEAEgs7OMJWDJhoCA3KPEEKAB_u62uQLIAQWoAwHIA5sEqgTpAU_QONFBXoJRgxW6-sfXEiPoFtwNRg9-gdA6ZtFr_sRilwlGM7Bkl542wMN-JRvF0nj5uEhqj3Q7WiwrnVvG4GXNWk928p5_Z8vJEAoIiYZnS3pk1ayd7pblwxfjYUSjWROuCiC8nfrBaqZvDCgFrNU8vRkzkUwoYNhi7_j1tIVlESAbBGGXW8FmGopVBgaMfS-QkKwS5krWvehj7UTRm4_ABimfp4522H2m_w515g-MCE8ULywrOm86hvHpGCBRKB5jWGOuwAB0Qi4rNf4GVJaI6IrprR9PUa_IW9NNyHJsef84WnIFfHbJwASWyJ63sQPgBAOIBa7a4OktkAYBoAZOgAfqkMnGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WIyKi-uL94MDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJVU7AT2N-JFsgT1a63CdgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=TtT4-3mW0Eo&label=videoplaytime25&ad_mt=3807&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D3553,0,0,0,0%26mtos%3D3553,3553,3553,3553,3553%26amtos%3D0,0,0,0,0%26mcvt%3D3553%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3794%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D46%26pst%3D281%26dur%3D15018%26vmtime%3D3806%26dtos%3D1544%26dtoss%3D2%26dvs%3D1544%26dfvs%3D1544%26dvpt%3D1544%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3553,3553,3553,3553,3553%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D687561445%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3553&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1706135988683

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 22:39:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 80ms
80ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_fy2021.js?bust=31080643

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Jan 2024 22:39:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 04CC 13 KB
5 KB 68ms
64ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 9097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 20:08:15 GMT
expires: Thu, 23 Jan 2025 20:08:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 188E 829 B
1001 B 92ms
90ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8370c2269f3f0ac3b7156d9948c8f6414be8fac37a57917678f377b76c463609

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LIKGCLUR1GQhD9Yzp28XIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LIKGCLUR1GQhD9Yzp28XIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 22:39:52 GMT
expires: Wed, 24 Jan 2024 22:39:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 04CC 39 KB
15 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 20:07:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 188E 0
0 95ms
95ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=3989127231409994&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 04CC 0
10 B 65ms
64ms Image
text/plain 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?U3b-Gg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:39:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 98ms
97ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=3989127231409994&bg=!nZ6lntHNAAa8BdJLnAU7ADQBe5WfOIBQCs8V-5t5cTOYmTsIBKiHBdjRmuBv18VEeXOzutWvwO1gBexZ1MHJ7nmnwxa_AgAAAIlSAAAAGGgBB5kCt6Xpwg5ePy666RBOuQX7gB8xXdePSvZu_gYmWvmhufq3XbQKbM_rpN6kl5ZCv6WNukmb0r2rJpVF0szQOKrBEAoakqh4Ff8o7aIqICUw79SLAB7TWz4_gHP1J1381tH3opzawU_H2EPTC3E_V5mMeNwxRd1dHoqB87Oe5FgsUSILBVjGRQWsi3uEU92C18E_Fka5g5leU7m8p6ku2FDyFV7YUVRVTH8oLX28i2SYe6MA7KBZAN-4bzp5wyLCJBrvdtuysVrezfJ8_3WcPS8qWsilwc11jOgGYCrmxVmVQdirX_5BC3mrmWJBxZ_bpZENp6zM1-FYP8u27eg9dKIdq7bZxWp0FCsNDMd_2EZPIup_vb37W3n8CQAaFaOU7_Vm25s4iJM6wdywSSHkglaaPsciFPgLzszYKNZpIw0TIYFlO31MGUChXV5jhq74Y85FKeTIEqdxufXA-Wg2HzN-HaLhxI0FwQrU2mrJZussOej7penC9XYorTiHi2NeURlAXLPKxIv2asT9gnNsAJMQ_R9jknjwV92EbE2eL1FqsE8Xarro-cnaG-pz1ZjjImSD9OJ2xTm73nwhICsrn1AE9YBmG9KNxIwzu0meKiofHT-5-9W4LD2vqAVF7YouGpmQq68_VZrgo5QBdOPruJbfhASmQBkS7jSonYHXci1qcUOzFUAUb9A6r1CpiO4rvhayhjuZmFkcO8R295pVTgYUcZeWGvZLb35x8adkhbtuGJC7sOjLsY4bNlnqszdSKRklQpKOUp-KvPfLMP2E6VuGnPqnjIi3UgGibyqdkhgfsjc5rfI_M6AsAYS-8eHaYmH4t9g92q623B6z50H5AhKGJl5XW4lWPG-uCfo3YJeCIJvSTuxfpSeazqZfWD-y5o1hs0pq6okmDJNacEUMW7hewS4qrvorT7SZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

115 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kimberlite.io/rtb/sync	1970-01-20 18:05:40	Name: as Value: OFrH4WWxkbU
.rambler.ru/	1970-01-21 03:31:35	Name: ruid Value: 1CIAALGRsWWWYhIRAQZ2VQB=
.paladiny.ru/	1970-01-21 02:41:11	Name: adtech_uid Value: 8c7cff44-9bad-4a47-95c2-a82bf2047bf3%3Apaladiny.ru
.paladiny.ru/	1970-01-21 02:41:11	Name: top100_id Value: t1.1449916.1932420993.1706135985933
.paladiny.ru/	1970-01-21 02:41:11	Name: t3_sid_1449916 Value: s1.649043103.1706135985935.1706135985935.1.1
.paladiny.ru/	1970-01-21 03:31:35	Name: last_visit Value: 1706171985936%3A%3A1706135985936
.doubleclick.net/	1970-01-21 03:31:35	Name: IDE Value: AHWqTUl2hY55vX9SZVLCjowp7zXm4WavfwJbBdj9xtxIJHuIquWg3-O64GCnx7A5
www.paladiny.ru/	1970-01-21 03:31:35	Name: fid Value: 58074af4-a8b4-4a91-8976-fbde2e2b3373
.casalemedia.com/	1970-01-21 02:41:11	Name: CMID Value: ZbGRslXZy2R5OSgZR8hWRAAA
.casalemedia.com/	1970-01-20 20:05:11	Name: CMPS Value: 1548
.casalemedia.com/	1970-01-20 20:05:11	Name: CMPRO Value: 1548
.adnxs.com/	1970-01-20 20:05:11	Name: XANDR_PANID Value: I_LNeeLThjgPboF1orkSi68d9u2g7xKK3sqOk3FJNqlIwJNpSUAH1EqlOHVlqHwGUrCZX_hN3JUu8qgS4XbHB7hH-WmXuw3bXyFb0ltxB6A.
.adnxs.com/	1970-01-21 03:31:35	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:05:11	Name: uuid2 Value: 6578877067398608999
.adnxs.com/	1970-01-20 20:05:11	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In5AS4m-!@wnfH8K6pQK`!5=E<L5?%K5]@C:K2GP4VhWIZ>e%`(emW`>k9y#P)Dw)fGbpRzqF1`b`s+i2U
.acint.net/	1970-01-21 03:31:35	Name: aid Value: fwAACmWxkbKy8wCejtRpAkRbPWkwHFyWHH0abefFsngx64Nq
.paladiny.ru/	1970-01-21 03:17:11	Name: __gads Value: ID=e7c40c0c147cdbac:T=1706135985:RT=1706135985:S=ALNI_MZR0EtYcO9UQv-rbOoCkL2Yus_xhA
.paladiny.ru/	1970-01-21 03:17:11	Name: __gpi Value: UID=00000db9ce48a804:T=1706135985:RT=1706135985:S=ALNI_MaAjyy-bhflP6R9jx7P0au6JYY5sQ
.paladiny.ru/	1970-01-20 22:14:47	Name: __eoi Value: ID=45f1112f3afd67c6:T=1706135985:RT=1706135985:S=AA-AfjarKdxHOpjX6InN5TVszZqZ
www.paladiny.ru/	1969-12-31 23:59:59	Name: _ac_cid Value: 0A00007FB291B1659E00F3B20269D48E
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp14v6 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp17v2 Value: 1706135986
.acint.net/	1970-01-20 17:57:02	Name: cSyncDp45v5 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp53v5 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp62v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp67v3 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp68v3 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp71v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp80v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp85v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp95v4 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp98v3 Value: 1706135986
.acint.net/	1970-01-20 18:15:45	Name: cSyncDp104v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp107v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp110v3 Value: 1706135986
.acint.net/	1970-01-20 18:17:11	Name: cSyncDp125v4 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp126v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp127v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp129v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp136v3 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp146v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp148v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp149v3 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp151v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp251v1 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp186v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp217v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp221v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp235v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp239v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp243v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp260v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp244v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp248v2 Value: 1706135986
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp261v1 Value: 1706135986
.hybrid.ai/	1970-01-21 02:41:11	Name: vid Value: 32c2f456312b1ea75241
www.paladiny.ru/	1970-01-21 03:31:35	Name: _ac_oid Value: 9ac3a2d97c312cb4045a1bb0d443b0bc%3A1706139587518
.utraff.com/	1970-01-20 18:38:58	Name: preutid Value: 1
.upravel.com/	1970-01-20 17:55:36	Name: session_tptc Value: 1706135987487
.ssp-rtb.sape.ru/	1970-01-21 03:31:35	Name: sspuid Value: CkIDGmWxkbM0igLYGnsHAswKmbCRGws0TCI1HWkDTBpV1fss
.adhigh.net/	1970-01-21 02:41:11	Name: gi_u Value: u6o2eEf63qfc.AikABlGNPaElKQ
.ccsyncuuid.net/	1970-01-21 02:41:11	Name: jcsuuid Value: ZVhCzQlzCP31Rn6maF2x
.doubleclick.net/	1970-01-20 22:14:47	Name: APC Value: AfxxVi4IbnsoxslqxHQb59scH7wp55B9qKs4H-3EpSZGBUGe0plE_g
.upravel.com/	1970-01-21 03:31:35	Name: user_id Value: 45f2770a-e408-4cc4-9092-5358528c8501
.doubleclick.net/	1970-01-20 17:55:39	Name: DSID Value: NO_DATA
.adhigh.net/	1970-01-21 02:41:11	Name: sape_sync Value: L7Cw
.betweendigital.com/	1970-01-21 02:41:11	Name: dc Value: was1
.betweendigital.com/	1970-01-21 02:41:11	Name: tuuid Value: 72ddb1c2-2157-5319-8933-1392ec828221
.betweendigital.com/	1970-01-21 02:41:11	Name: ss Value: 1
.paladiny.ru/	1970-01-21 02:41:11	Name: _ym_uid Value: 1706135988534965636
.paladiny.ru/	1970-01-21 02:41:11	Name: _ym_d Value: 1706135988
.adriver.ru/	1970-01-21 03:31:35	Name: cid Value: APv0aNkioNPJG6TJvDEk1Ug
.acint.net/	1970-01-20 18:38:47	Name: cSyncDp14v4 Value: 1706135987
.betweendigital.com/	1970-01-21 02:41:11	Name: ut Value: ZbGRswANQohiu3z1jDyu8ZG5sgqf-ATHp7_JHw==
.mc.yandex.com/	1970-01-20 17:55:36	Name: sync_cookie_csrf Value: 1874879296fake
.yandex.com/	1970-01-21 03:31:35	Name: i Value: oF6HHYeshLr8iZ2n3h0Z5SZYnILa8Dn8ywaJpVjd1R1oOi9owbuzPLYBZrigDTHAvSS1kT5LcRQvfwipXJ/8EgVkkfA=
.yandex.com/	1970-01-21 02:41:11	Name: yandexuid Value: 9493318021706135987
.paladiny.ru/	1970-01-20 17:56:47	Name: _ym_isad Value: 2
sync.adspend.space/	1970-01-21 02:41:11	Name: as-user Value: 79fcf056-37bd-475b-a157-3b2bb578f8f4
.mc.yandex.ru/	1970-01-20 17:55:36	Name: sync_cookie_csrf Value: 3665150775fake
.rutarget.ru/	1970-01-20 22:14:47	Name: userId Value: 7aM9XKHP2GgV
ads.adlook.me/	1970-01-21 02:41:06	Name: adlm_userId Value: cc7d8fc4e4aa437a97f0713506632386
ads.adlook.me/	1970-01-21 03:31:35	Name: adlk_cmatch Value: sape%3A0A00007FB291B1659E00F3B20269D48E
.mc.yandex.com/	1970-01-20 17:57:02	Name: sync_cookie_ok Value: synced
.mts.ru/	1970-01-21 02:28:14	Name: dspid Value: 73cad835-3259-4e6a-b51e-b3eaa452c2a3
.yandex.ru/	1970-01-21 03:31:35	Name: yandexuid Value: 9493318021706135987
.yandex.ru/	1970-01-21 03:31:35	Name: yuidss Value: 9493318021706135987
.yandex.ru/	1970-01-21 03:31:35	Name: i Value: oF6HHYeshLr8iZ2n3h0Z5SZYnILa8Dn8ywaJpVjd1R1oOi9owbuzPLYBZrigDTHAvSS1kT5LcRQvfwipXJ/8EgVkkfA=
.yandex.ru/	1970-01-21 03:31:35	Name: yp Value: 1706222388.yu.6935887031706135987
.yandex.ru/	1970-01-21 02:41:11	Name: ymex Value: 1708727988.oyu.6935887031706135987
.uuidksinc.net/	1970-01-21 02:41:11	Name: jcsuuid Value: RlSI1Q0E0si7yJdUEveE
.yandex.com/	1970-01-21 02:41:11	Name: yuidss Value: 9493318021706135987
.yandex.com/	1970-01-21 02:41:11	Name: ymex Value: 1737671988.yrts.1706135988
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2128296201706135988
.bidvol.com/	1970-01-21 03:31:35	Name: bvuid Value: u6n0pq7zcn
.aidata.io/	1970-01-21 03:31:35	Name: __upin Value: d9aZtlRGCYuxmS639VJkWA
.aidata.io/	1970-01-21 03:31:35	Name: __upints Value: 1706135988
.agkn.com/	1970-01-21 02:41:11	Name: ab Value: 0001%3AkbK2gbe1mTVI82A%2F1PbY%2BSsTVpCYlZrE
.agkn.com/	1970-01-21 02:41:11	Name: u Value: C\|0EAAtRE41LURONQAAAAAAAQAHAAAAAAHNm8b__x4AAAAAAFwJXgAAAAAWMmBUAAAAAAuokiIAAAAAIY5t3AA
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.bumlam.com/	1970-01-21 03:31:35	Name: suuid3 Value: IiQ3YjMwNWQyNC1iYjA5LTExZWUtYmJiMS0wMDI1OTBjODI0MzY*
x01.aidata.io/	1970-01-20 17:59:55	Name: livin Value: 1
.gonet-ads.com/	1970-01-21 02:42:38	Name: pid Value: MzQ5MTVhMWVlMTUwMzQ1MA
.agency2.ru/	1970-01-21 02:28:14	Name: uuid Value: 0ca9033f-1f43-42f2-a626-cd709655eaba
.ohmy.bid/	1970-01-20 18:38:47	Name: uid Value: f0e2d0a4-e49d-45fc-ae9c-b610709fb6d5.65b191b5.9be77ef47ad0f8f7
.mts.ru/	1970-01-21 03:31:35	Name: mts_id Value: a37d2c71-9c16-4bcd-9357-1698dad596ae
.mts.ru/	1970-01-21 03:31:35	Name: mts_id_last_sync Value: 1706136055
.adx.com.ru/	1970-01-21 02:41:11	Name: user Value: 65b191b5a897d80001f5c578
kimberlite.io/	1970-01-20 20:05:11	Name: u Value: ZbGRtWqlG3s~JPOyfhEF7X83Qp7SxM9aKUIZmKU
sync.dsp.solta.io/	1969-12-31 23:59:59	Name: chk Value: 1
.dsp.solta.io/	1970-01-21 03:31:35	Name: pid Value: MTZlMzM4NmI1YzQ4MmFjNw
ssp.afp.ai/	1970-01-20 18:40:14	Name: afp_cookie Value: gAAAAABlsZG2ddsTX30K66yZ8xP8lr59QVIsLKugawOxJS6ULHBdr0HtTSXV5A3NJ8Hgpp9dkkAgjQBQ2aerDKEg4in0N9egFEQ8qQMSyVCxNmx59WNK_HZnlQe8SUQy2K-UhMlutXiECZyg7FidflYt3HMgZUSpM45ijDEESS035sPQ8xQtXjrOnNSESF2wRUc8CTnfyGGA$
.weborama.fr/	1970-01-21 03:21:31	Name: AFFICHE_W Value: PvhrreHZObg@91
.dmg.digitaltarget.ru/	1970-01-21 03:31:35	Name: viuserid Value: P4AxTJn9YZGmcav7AsZ4
.mail.ru/	1970-01-21 02:42:38	Name: VID Value: 0Vv51I2XrioM00001F2UbCoM:::0-0-0-acbea73-0:CAASEO8A4SdpfUVX-cPEqUlBe04aYNeHJcUik-QYBJj8E_aM0MEocoT_mYGNJ3WFNQpiKC2TFC8WpV61iFfRvXMXmkfDnuOZxMBBIIzRZWxc9z9Le23Wd4JZ7HTzpw4DTniIp6mtbJ-L4s7GrqAgL7p5oPDyag

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://sync.programmatica.com/match/01 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65b191b5a897d80001f5c578%26r%3D&webouid=9yqIq6YADv1fdOrj57fLZ. Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7b305d24-bb09-11ee-bbb1-002590c82436.n5.sync.bumlam.com
a.utraff.com
acint.net
ad.doubleclick.net
ad.mail.ru
ade.googlesyndication.com
ads.adlook.me
ads.betweendigital.com
adx.com.ru
an.yandex.ru
bid.g.doubleclick.net
cdn-rtb.sape.ru
cm.g.doubleclick.net
counter.rambler.ru
counter.yadro.ru
cs.agency2.ru
csi.gstatic.com
d.agkn.com
d4.c1.b4.a1.top.list.ru
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dsum-sec.casalemedia.com
dwar.ru
ev.adriver.ru
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
kimberlite.io
kraken.rambler.ru
match.new-programmatic.com
match.ohmy.bid
mc.yandex.com
mc.yandex.ru
nr.bidderstack.com
pagead2.googlesyndication.com
paladiny.ru
pix.bumlam.com
pixel.konnektu.ru
px.adhigh.net
r3---sn-q4fl6n6r.c.2mdn.net
redirect.frontend.weborama.fr
s.ccsyncuuid.net
s.uuidksinc.net
s0.2mdn.net
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.afp.ai
ssp.bestssp.com
ssp.bidvol.com
sync.adkernel.com
sync.adspend.space
sync.bumlam.com
sync.dmp.otm-r.com
sync.dsp.solta.io
sync.gonet-ads.com
sync.programmatica.com
sync.rambler.ru
sync.upravel.com
tag.digitaltarget.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
vma.mts.ru
w1.dwar.ru
w2.dwar.ru
www.acint.net
www.google.com
www.googletagservices.com
www.gstatic.com
www.paladiny.ru
x01.aidata.io
130.193.58.13
142.250.81.226
142.251.40.130
142.251.40.134
142.251.40.226
146.185.148.189
148.251.129.43
158.160.128.78
167.235.33.113
167.235.9.235
172.253.115.156
172.64.151.101
174.137.133.32
176.122.21.139
178.22.89.12
185.12.127.130
185.15.175.134
185.15.175.147
185.40.31.213
188.42.105.236
188.72.107.205
188.93.63.157
193.232.150.60
193.3.184.135
193.3.184.211
194.55.244.179
195.209.108.56
213.87.44.187
217.199.220.44
217.65.2.150
217.66.147.37
217.66.147.38
23.111.107.44
2600:9000:215f:7e00:19:fc2c:a140:93a1
2606:4700:20::681a:6bd
2607:f8b0:4000:19::8
2607:f8b0:4006:808::200a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2003
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81e::2003
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2006
2607:f8b0:4006:823::200a
2a00:1148:db00::17
2a00:1450:4007:807::2003
2a02:6b8::1:119
2a02:6b8::90
31.172.81.159
31.220.27.134
35.190.24.218
37.230.131.22
45.139.25.122
5.189.234.227
62.109.24.241
65.109.65.187
68.67.160.24
81.19.89.16
81.19.89.18
81.222.128.213
83.222.117.90
83.222.96.170
88.212.202.52
89.108.120.76
91.192.148.36
94.130.221.58
94.228.127.171
95.163.52.67
96.46.186.59
07bcf6f000a5d0e894101001323f067a0132fe8c065218e55a54b4c44b892632
082213dd11b283471559bdd96f0d8e4d3271e4cf891bb043ff40d1214425e306
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e10f07e21bdc3acceb8b6163bc8d6f749147a15abde39f6d65f5eae72d4e404
0e5dd0968f7537aa57747c32f3a41751961bb82b27cee5d9562197c02db5324f
0f883456ac7a160704cba073537061e2cc7cacffb5367ec79e9823ac37a25441
10832e5bb99c670b86b3674ce3ff3982dc5819b970f36262ab117641835fea7f
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
11011bbf0d3cb26e0fceafca878f9b4c4f2e6f8c9c3a16ac3596bf728a9e13aa
16a13f03800eb94f7dd25cafb4f617f9d123631760262c4d2c8217c1ed8b8b29
16a992224a960c618cc1c18e44a4b6301a665cad4039374421247a353bd9db75
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18863edc17d105efe80f3ca8d2833dcbac289e1de33d7bb2ecfb53a4a2136b11
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e97ec018a5a500f1b8046e66a18155ab2db29f2f63dad606a443b1196f83216
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20ff99e448fa1b08900e977609bd2a57537c99e7f190c1fc3549f778e1b5f879
213bb8cd33e8de49166a067eaa45fdd8b1649e3df576b4a1c43151e31c474fe4
2424b2e976617601f41ddb5d7258048adff1c50e9b4e82c42f5bd7ef864ebd54
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2611916f938882a3b2abbffb2ca0af48b22dbdb42bac519fe4c5962f7715ecdf
284d9df9ba2df4f483cccce3976a6fb6d094a28009fa14e0fd0f591a3b16c6d9
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31ef2a7ad3ff0d361a9020bb4cc9a957fda2dd7dc1380d681c812abd3ecd6f54
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
35c05f5c905b9dcd33731994cee6d93c8421a0453385dac467cd835d5290b305
36d71a4322b43e8bc7f079e0e9ff676e97ac8af955332e30de9d513e0ca8b861
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
40ed9971456e7552b7bcc66b4a048f01579b9c058293947df3abf9e23ce7e34c
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4227347d816335bc568470d0c065ce379f906fca2214f5b210d6ac32f0f1cf81
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
4352e17e29cc43306f11c9e6d6e652a9bdad95b7469dea705d85d31a38089bf9
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
46612b2c33d8502a26bef927b364c85ba1bd5e8c9491bb9c369ec9d8900682ba
467da83dd32db97c82e624d9023508f35a223e803d50551c6aa8efe5600f44f9
467df629965cb31a59773a22d0ca9d38b41142dbfcdcabfc8e4bc10b0885f6e3
4741017e14fbeebccff8b1a7c163923ede8be6230a8d321863de9c84fa15c3bd
487238b9c9c6d7ade7161ece3909d28315189cddd05644fd918b5b7dc40b0929
4909f41909ddc2270c51040c1b2548c64696cb652fa9348221b3cf52c38df337
4ac7a7ce8eaafe4daa2bf8c13617528186c79f18276ce174222ab721aa6ad913
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0f1cb81072fca61fa7f3bd64686888ed3b58e76940dc878de87f4ae51f5c64
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
52ed1a4d1b894947d902eb50bbecb6b9c46d5d24678f1670d85ece0e1ea94395
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556f5f52b8aefd4caa5e44b22b6f5be1b9fa9a66cedd040244594ccbb3016479
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e861d875a84cfe9e5134f41ac3f13e245e5f6002bdfb21ba383228cfe9b2d0
5770ac6ebb197022df1b2e3450436114f3d7829b24fc347f2a8057eea88d8fe7
57d71b72317038d6bba7a8d12bbcf44969a75ac2da004911f803e1010ef5c79c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e740b4c722831d9a6451a42a01ca2541e1a0c2af5718703a89bc9823c16099a
60164a4d15f633baa04ddf270057251bc051884127ccf98bf430635cafc4eb93
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63f03b438a3e9e864cd2193559b3efc05731cc55cf308ad75805fd9c441917e2
6400a39fde3f088e724fa23ed2713c7bddd7e040887f160a1f10879de799b07e
641b55af74c429c254e1e294d83d3f9f6fdb3f4d18396635e0bf2720564b8e3f
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
64cac79afa1f931b362ec56fdb352b0ab2c1f19a50b92185aa92171cc6d4d912
664cd053448edad7c51b1a5e024c9ae8b9f727593d023864b99d9b909ed48c2c
6757a794295d7c879b85d298940e47ba17ba94d73399101b1eb90081f703783f
692050722f9a8d3f195948f6f6611f678ca177e029da1d1c3138fd04a2d19d05
6928d950213d68037a85890346f61be7cac1532a37a3ff788bb2c2bfc9aefe2b
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b9159f40e567f25875eea66a419bac05adb855287a6a5ea89db394abbc3c12e
6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0
6c7bd67d4e974ad78e9c8f024603ef0c1bd0ae2f5d8b1fe68e058be32a748bdc
74dcd398eafd7dbc3d07b76625839f63f464de97b26adca97ac30883cf79b0d9
74e51ad76a9c144a79ddce4488618495769b9c3af5b6ff4651315545850ae3a2
769bcb8ae106f95598a693f66f8798cf3b52047ab7b1b7ff53a9077d1564a711
81ef08e396bcdcd43e379cb510e33a8c4b11aa226423808ebce14d1e4702ddf6
82a243f1185d308e2b5425cb7870d71365d75c741f0bd146be301110ca1bb471
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
8370c2269f3f0ac3b7156d9948c8f6414be8fac37a57917678f377b76c463609
8412bce443ef6b3d9c4de58c77ea3571a92b2e5813c5d48712b8e3115d271105
84c778ec8e53f897b7ed92b2e556a04229ffdcfc65a53c42d7fb2654d359c83b
877114c35f4d21070e2cd28451a515493963cf7f5e8dc3a4ddb7e23b06f39c3a
8c1e06daa0635ddc986efacf5d8d75e0bd042630b25ff3ff89a016eea620d5fe
9136d411ae25e3b6095f96a4dd7a8e6e88d42af73d49bf7f447a53cf494913dc
9161a5a0823acd003042976f05fc26bed4039c2e9e1977dd7b358634df4a6c24
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
991f019316b8c5ab27cf793d84e794cc1d18f30307d8197bfca63fa6db512ed3
9ac53bb2cfdd53aaa5b0aed2c06b9343b84108d14a615d9f802ceafbea63c1b3
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c98d0d06e9875cb3b2b2550bd6bf077c4a30952e60d20e72ca59c6df4627d1a
9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33
9f20d1e58609e8d73a77c16bf2ff3a53b87439cfd537dff3bd344c86b400d760
9f2c57e3715b87f2abe5a04e67385cacb2a05d59ab1199a9913e5cd808f32f3b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a13fa404297bf52896c2e3ddda49891e7f23c268d43a1cf04a03a2b02e32ad54
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a9545d5aaaffeaa1d0c5e92529a2e1b3ac276c1ab9f2201e5a4d6aecf31d662b
aad4d0b19ec249e3b35d8a085b29ed2e9b84388e511ea5dbb31df9e1d1a18ae6
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aba4852dfc7b5f2bafef02200c329f1cb1ae85786eb6c359efc8b05bc3b2e59f
ae1401ab4ddd9845a325bf809e93499c7d8bc0a52e8f032f206da67272aabcc0
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
b019583688f35960e784dc4e214047f401ceede5d2a1e830e1945c63d1cada80
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
b4b64eb2181cf8894c2e85c0c757bdcd346d6274fc3b2a8a450abc9717c571ac
b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98
b6c3cc61662396e5e69e08cae9a8bf73a62ffe433545c0d1783a30ac5a761e6a
b8799aee68c4e47eaebfb86799362bd4dd73a199d661a0d6838d3e83cacbdec4
b9d3550ec6290d4577c10314a6b5580fd0e7415bc9e3ad3dc7d439621b3d2c37
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
bdae14000f409e929efc6f3cfd785b90a939d22044705a48f1a3b5074620fc12
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
c5da2474740f8762021661a2d791f5d348e1109d60b0b11c319bddb16d089836
c664d5978cf581aed82573b3aa67871eafed5cbab4a9fa2b606d24d0fb849aee
c71ec8ac9aadefb1dc21c1b3048b6d8f2640804536f6a7acd11b2a2b4c9939fc
cec8daa3247004d679962186c0e4ab619a2e2e268be83a9f0e30a63941fed980
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
cfdbae1c302cf3e3cf68a0b9a049503fbec2165e1ee9b783bc67b7c4deb657c7
d17ef4cb1661283f9fe5bd764b3d235e7fd95f330575296c889a3925a6c25556
d251101f3039f702bd870b1e4ae92addc42f895f3f9699f0d1341aaed075c47f
d4dc068700802f1a3ff3f640e249a537e3c10deefd2fd33fb614bc1c5f022f8c
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
d76a1715a5e2fd386a0fa2eeb08818d38eb8069a689f5e3d78b93f6dd8b0f060
d86f06fa78fa503f1cdf2c9de099f9e691871af0f4c05b10c2bc32399e4b8a48
d9453129c16b0215069d80e4b526c0546b259fae8d615e1b3aa775a8d76bac57
d9a646084d08615946bbce7d4b06dfe8e6bed44733e42aaf03cd3e564a6a4b7c
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
da3aac110278116dac2ac2359465f8c511d12cee712ca74e828350e891c92846
dcf1a524e28148460c60ba9e8ed9477b7f8ae2f536650bd883b48ec12aa853cf
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
df1c3706de99045e28932083d74815c3bc1330c57de9c861e5f4e5de88ae70e4
e21dd1f07b60c27a6658e8d07e62973b6efeb112eb512741d58fe5fa72a301d7
e24ab7000162970de99766dd4222d0ed88adea64e1e08b044edfe5268360d7e8
e2ed7d372b4df9b6132f8bc5ee9534994a37790e9f8612c89de3131ac0a3ee76
e343b922783a7d473723eddf5276b370eac4f61f63aa09b4e9c675818619a5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d68b7b7c354a51caf3dbaadc87f1a3e57249e72ef6967eb5f3da63f9a002ef
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e84f9d215aef304b54560e5912507aa5de744a345ba1d9324a5bf95af7eaf526
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb9d2de9eb262c519a7f476d9e8b1c23b180e34bf242ea7bf587b87caba2b915
eebb322b3693f50b9728fec5f5722da542e92c419c8b96e552ee5e1acff0333a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f1533d88066cf986a9dd24c2ada9e9386cbdd29793e1448af235bac55a16dbb0
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f930cf40c417e13546aac7229e5855de567565e4c2428bef6f7f9af21cb60d90
fd4424b11c227abdf21fecb2be1ba5d1ce2ebbe9018378a40ea62c062401cf04
fd7bd8899129d916ffbfa0b67e14f6dde1fd46008f042ef00dfbd7dd99361511
ff424caa88cbea4e212549b1098a341924b923fbb4ed9396e628f493821cfe59
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

www.paladiny.ru Open in urlscan Pro 146.185.148.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

258 Requests

57 %HTTPS

24 %IPv6

52 Domains

78 Subdomains

45 IPs

7 Countries

7108 kBTransfer

9973 kBSize

115 Cookies

27 Outgoing links

Page URL History

Redirected requests

258 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paladiny.ru Open in urlscan Pro
146.185.148.189 Public Scan

Screenshot
Live screenshot

Full Image

258
Requests

57 %
HTTPS

24 %
IPv6

52
Domains

78
Subdomains

45
IPs

7
Countries

7108 kB
Transfer

9973 kB
Size

115
Cookies

258 HTTP transactions
3 data transactions