anarim.az Open in urlscan Pro
31.184.197.212 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://anarim.az/comerica/index.php
Effective URL:
https://anarim.az/comerica/index.php
Submission: On August 18 via api (August 18th 2022, 1:49:50 pm UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 21 IPs in 8 countries across 23 domains to perform 47 HTTP transactions. The main IP is 31.184.197.212, located in Russian Federation and belongs to PINDC-AS, RU. The main domain is anarim.az.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 1st 2021. Valid for: a year.

This is the only time anarim.az was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	31.184.197.212 31.184.197.212	34665 (PINDC-AS) (PINDC-AS)
2	2606:4700:303... 2606:4700:3035::ac43:942e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	45.133.44.24 45.133.44.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	2606:4700:303... 2606:4700:3037::6815:3782	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
3	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
2	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	62.212.82.77 62.212.82.77	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:400e:80d::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.227.149.183 213.227.149.183	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
6	45.133.44.25 45.133.44.25	7018 (ATT-INTER...) (ATT-INTERNET4)
2	23.88.85.6 23.88.85.6	24940 (HETZNER-AS) (HETZNER-AS)
1	88.198.209.13 88.198.209.13	24940 (HETZNER-AS) (HETZNER-AS)
1	168.119.25.22 168.119.25.22	24940 (HETZNER-AS) (HETZNER-AS)
2 4	2a01:4f8:e0:1... 2a01:4f8:e0:19cb::1	24940 (HETZNER-AS) (HETZNER-AS)
4	159.69.167.66 159.69.167.66	24940 (HETZNER-AS) (HETZNER-AS)
2 2	2a01:4f8:c0:3... 2a01:4f8:c0:33d8::1	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:128:7:59... 2a02:128:7:5940::3	50245 (SERVEREL-AS) (SERVEREL-AS)
47	21

8 31.184.197.212 (Russian Federation) 1 redirects

ASN34665 (PINDC-AS, RU)
PTR: 31-184-197-212.static.x5x-noc.ru

anarim.az	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:942e (United States)

ASN13335 (CLOUDFLARENET, US)

kingads.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:3782 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.kingads.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kingads.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

bigrourg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

kingredirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.212.82.77 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

cdn.trafficbass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

glizauvo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.149.183 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.trafficbass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.25 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4f5ee1655d.f49113460e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.cabnnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.1vag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.88.85.6 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.6.85.88.23.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.209.13 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-209-13.clients.your-server.de

notification.tubecup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.25.22 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.22.25.119.168.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:e0:19cb::1 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

bd10698afb.f49113460e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.167.66 (Ukraine)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.167.69.159.clients.your-server.de

static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:c0:33d8::1 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

rtbrennab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5940::3 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

btds.zog.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	anarim.az 1 redirects anarim.az	30 KB
6	kingads.mobi kingads.mobi — Cisco Umbrella Rank: 902206 cdn.kingads.mobi	95 KB
5	f49113460e.com 2 redirects 4f5ee1655d.f49113460e.com bd10698afb.f49113460e.com	8 KB
4	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 50814	5 KB
3	bigrourg.net bigrourg.net — Cisco Umbrella Rank: 241639	40 KB
3	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 28639	32 KB
2	rtbrennab.com rtbrennab.com — Cisco Umbrella Rank: 42140 Failed	2 KB
2	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 49807	79 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 32099	363 B
2	gstatic.com fonts.gstatic.com	55 KB
2	trafficbass.com cdn.trafficbass.com — Cisco Umbrella Rank: 102473 z.cdn.trafficbass.com — Cisco Umbrella Rank: 110905	2 KB
2	kingredirect.com kingredirect.com	842 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9849	1 KB
1	1vag.com cdn.1vag.com — Cisco Umbrella Rank: 58536	334 B
1	zog.link 1 redirects btds.zog.link — Cisco Umbrella Rank: 44014	222 B
1	nereserv.com nereserv.com — Cisco Umbrella Rank: 41897	201 B
1	cabnnr.com js.cabnnr.com — Cisco Umbrella Rank: 59366	15 KB
1	tubecup.net notification.tubecup.net — Cisco Umbrella Rank: 14276	3 KB
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 51647	2 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 13322	541 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	28 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	1 KB
1	glizauvo.net glizauvo.net — Cisco Umbrella Rank: 77526	356 B
47	23

	Domain	Requested by
8	anarim.az	1 redirects anarim.az
4	static.bookmsg.com
4	bd10698afb.f49113460e.com	2 redirects js.wpushsdk.com
3	bigrourg.net	kingads.mobi bigrourg.net
3	cdn.kingads.mobi	anarim.az
3	js.wpadmngr.com	anarim.az js.wpadmngr.com
3	kingads.mobi	anarim.az
2	rtbrennab.com	js.cabnnr.com
2	js.wpushsdk.com	js.wpadmngr.com
2	fp.metricswpsh.com	js.wpadmngr.com
2	fonts.gstatic.com	fonts.googleapis.com
2	kingredirect.com	kingads.mobi cdn.kingads.mobi
2	counter.yadro.ru	1 redirects anarim.az
1	cdn.1vag.com	js.cabnnr.com
1	btds.zog.link	1 redirects
1	nereserv.com	js.wpushsdk.com
1	js.cabnnr.com	js.wpadmngr.com
1	4f5ee1655d.f49113460e.com	js.wpadmngr.com
1	notification.tubecup.net	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	my.rtmark.net	bigrourg.net
1	z.cdn.trafficbass.com	cdn.trafficbass.com
1	cdnjs.cloudflare.com	kingads.mobi
1	fonts.googleapis.com	client
1	glizauvo.net	cdn.kingads.mobi
1	cdn.trafficbass.com	anarim.az
47	26

This site contains links to these domains. Also see Links.

Domain
xeberler.anarim.az
video.anarim.az
music.anarim.az
wikipedia.anarim.az
whatsapp.anarim.az
hekaye.anarim.az
www.liveinternet.ru
kingredirect.com

Subject Issuer	Validity	Valid
*.anarim.az Sectigo RSA Domain Validation Secure Server CA	`2021-10-01` - `2022-10-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-17` - `2023-06-17`	a year	crt.sh
js.wpadmngr.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
bigrourg.net R3	`2022-07-05` - `2022-10-03`	3 months	crt.sh
*.kingredirect.com E1	`2022-08-15` - `2022-11-13`	3 months	crt.sh
*.cdn.trafficbass.com Go Daddy Secure Certificate Authority - G2	`2022-04-08` - `2023-04-07`	a year	crt.sh
glizauvo.net R3	`2022-08-01` - `2022-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
na.nawpush.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
notification.tubecup.net R3	`2022-06-20` - `2022-09-18`	3 months	crt.sh
4f5ee1655d.f49113460e.com R3	`2022-08-15` - `2022-11-13`	3 months	crt.sh
js.cabnnr.com R3	`2022-06-23` - `2022-09-21`	3 months	crt.sh
js.wpushsdk.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
f49113460e.com R3	`2022-08-15` - `2022-11-13`	3 months	crt.sh
bookmsg.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
cdn.1vag.com R3	`2022-07-28` - `2022-10-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://anarim.az/comerica/index.php
Frame ID: ED7D10E15C80D99F7739298F5186BB70
Requests: 41 HTTP requests in this frame

Frame: https://static.bookmsg.com/creatives/PH/PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp
Frame ID: E88C700877D35476F7B0DC29E1B7997B
Requests: 21 HTTP requests in this frame

Frame: https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiUHVsc3V6JTJDVmlkZW8lMkNZdWtsZSUyQ01wMyUyQ1l1a2xlJTJDU2hla2lsJTJDWXVrbGUlMkNLbGlwbGVyJTJDWXVrbGUlMkNBbmFyaW0lMkNBeiUyQ1B1bHN1eiUyQ1l1a2xlbWVsZXIlMkNTYXl0aSUyQ1ZpZGVvbGFyJTJDQXh0YXIlMkNZdWtsZSUyQ1ZpZGVvZGFuJTJDbXAzJTJDbXA0JTJDM2dwJTJDeXVrbGUlMkNXaGF0c2FwcCUyQ1BsdXMlMkN5dWtsZSUyQ1NoZWtpbGxlciUyQ0J1dHVuJTJDYXh0YXJkaXFsYXJpbml6aSUyQ2J1cmFkYSUyQ3RhcGFjYXFzaW5peiUyMCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDI2LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjE3ODQ4NTY4NDciLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjoyMTkyMSwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjAsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIyMTkyMSIsImNhdCI6WyJJQUIyNCJdLCJwYWdlIjoiaHR0cHM6Ly9hbmFyaW0uYXovY29tZXJpY2EvaW5kZXgucGhwIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjU4YjA3NDllODc5ZWNjODNhMGJmYmY0N2NmOWUwYTkyIn0sImV4dCI6eyJkdCI6MTY2MDgzMDU4OTcxMH19
Frame ID: FADF4A8D70EC44BE213C9A4C59A03569
Requests: 1 HTTP requests in this frame

Frame: https://cdn.1vag.com/1x1.png
Frame ID: 72F6AFFCF8BD5D47F25107902BD05715
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pulsuz Video Yukle, Mp3 Yukle, Shekil Yukle, Klipler Yukle

Page URL History Show full URLs

http://anarim.az/comerica/index.php HTTP 301
https://anarim.az/comerica/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

91 %
HTTPS

41 %
IPv6

23
Domains

26
Subdomains

21
IPs

8
Countries

399 kB
Transfer

1225 kB
Size

6
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://xeberler.anarim.az/
Title: Son Xeberler

Search URL Search Domain Scan URL

URL: https://video.anarim.az/
Title: Video Yukle Video Axtar Yeni

Search URL Search Domain Scan URL

URL: https://music.anarim.az/
Title: MP3 Yukle MP3 Axtar New

Search URL Search Domain Scan URL

URL: https://wikipedia.anarim.az/
Title: Informasiya Melumat Axtar Yukle Wiki

Search URL Search Domain Scan URL

URL: https://whatsapp.anarim.az/
Title: Whatsapp Plus Yukle2022

Search URL Search Domain Scan URL

URL: https://hekaye.anarim.az/
Title: Ehtirasli Hekayeler

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://kingredirect.com/redirect/v2/?ads=1081&title=Pulsuz%20Video%20Yukle
Title: MƏZMUNA BAXMAQ İCAZƏ VERİN.İCAZƏ VER!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://anarim.az/comerica/index.php HTTP 301
https://anarim.az/comerica/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://counter.yadro.ru/hit?t24.6;r;s1600*1200*24;uhttps%3A//anarim.az/comerica/index.php;0.3144122313946165 HTTP 302
https://counter.yadro.ru/hit?q;t24.6;r;s1600*1200*24;uhttps%3A//anarim.az/comerica/index.php;0.3144122313946165

Request Chain 40

https://bd10698afb.f49113460e.com/in/show/?mid=1627218719&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=1350127564&sid=3777001204&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=9e664a0eba41631ad7697a7366d48747&tcid=0&out_id=1&ver=7.0.0&ver_c=&refdom=anarim.az&hostname=auc-inpage-hz-7&site_id=3111457&spot_id=11457&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-08-18&is_native=4&auction_queue=0&burl=DD1M9UIQhsPJ4ZPGmthNKJhzw3CDzaZH91R7JOcqTtcrQ2GD_iZaTw&pop_winurl=&ip=80.255.7.107&testab=0&px_id=0&adblock=0&auction_host=all&mm=0&yc=0&render_type=mq&campaign_type=pop-default&uniq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&exp=0&resp_type=&iabcat=IAB24&min_cpm=0&placement_type_id=&skin_test=0&verify_hash=c7a6de5c2fc83a5a76f146b5ff20c7ac&score=82.61863475755895&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1350127564%26spot_id%3D11457%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fanarim.az%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=&v2_track=0&url=tFbsUDW3CBF0zCAH66ZE_Rhj5bFtX1GcXJ1EEJrNJKGkEGd3Y4UWA1ghJYjcjl_g7EiUDW_0Aqx0RYMnqNMAEIlhch-Wqh3Jf4CujTZ--B3_6dbm1VMlLtYuyAHiHNHzvB_ZU4XDf9GhCppiaVHm3-iThuNirLRtLVidHtlG3RjWeo7yag&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FPH%2FPH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp&skin_id=3&vertical_id=0&real_bid=0&pr=&user_keywords=&auc_type=1&aid=0&ext_cid=0&device_theme=light&mlc=1&format=im-slide-b_r-body&mlf=1&cpa=38efc841-95c2-4099-b9d6-6f9fb93cb5d7 HTTP 302
https://static.bookmsg.com/creatives/PH/PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp

Request Chain 42

https://bd10698afb.f49113460e.com/in/show/?mid=1627218719&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=1350127564&sid=3777001204&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=9e664a0eba41631ad7697a7366d48747&tcid=0&out_id=0&ver=7.0.0&ver_c=&refdom=anarim.az&hostname=auc-inpage-hz-7&site_id=3111457&spot_id=11457&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-08-18&is_native=4&auction_queue=0&burl=O1FyTLwTKtp2f89Y8kpvAU7W9aF8N2kFaI0ru9blA0focAlYAoUaPg&pop_winurl=&ip=80.255.7.107&testab=0&px_id=0&adblock=0&auction_host=all&mm=0&yc=0&render_type=mq&campaign_type=pop-default&uniq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&exp=0&resp_type=&iabcat=IAB24&min_cpm=0&placement_type_id=&skin_test=0&verify_hash=c7a6de5c2fc83a5a76f146b5ff20c7ac&score=82.61863475755895&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1350127564%26spot_id%3D11457%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fanarim.az%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=&v2_track=0&url=TkO0sjeZGTz-e6iM3FPLjdB_yMK80DHJN6iA3o3vB1J4FQ3prpwHkfcWtPjvtCKBwQbEzH6v6CNOL2PQlGHjr1onXFD5rSlr6GFRqPncvyOJ-Wb4iyxVAxlyU6Y1pB0shqCTSvcuPx23hsEo0FNcV0zCbfuGt0_KiY1yTrOiVnGIbyJXsQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FPH%2FPH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp&skin_id=3&vertical_id=0&real_bid=0&pr=&user_keywords=&auc_type=1&aid=0&ext_cid=0&device_theme=light&format=im-slide-b_r-body&mlf=1&cpa=719e24bb-6b1d-410d-a7fb-5b4ab3be0fc6 HTTP 302
https://static.bookmsg.com/creatives/PH/PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp

Request Chain 64

https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiUHVsc3V6JTJDVmlkZW8lMkNZdWtsZSUyQ01wMyUyQ1l1a2xlJTJDU2hla2lsJTJDWXVrbGUlMkNLbGlwbGVyJTJDWXVrbGUlMkNBbmFyaW0lMkNBeiUyQ1B1bHN1eiUyQ1l1a2xlbWVsZXIlMkNTYXl0aSUyQ1ZpZGVvbGFyJTJDQXh0YXIlMkNZdWtsZSUyQ1ZpZGVvZGFuJTJDbXAzJTJDbXA0JTJDM2dwJTJDeXVrbGUlMkNXaGF0c2FwcCUyQ1BsdXMlMkN5dWtsZSUyQ1NoZWtpbGxlciUyQ0J1dHVuJTJDYXh0YXJkaXFsYXJpbml6aSUyQ2J1cmFkYSUyQ3RhcGFjYXFzaW5peiUyMCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDI2LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjE3ODQ4NTY4NDciLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjoyMTkyMSwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjAsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIyMTkyMSIsImNhdCI6WyJJQUIyNCJdLCJwYWdlIjoiaHR0cHM6Ly9hbmFyaW0uYXovY29tZXJpY2EvaW5kZXgucGhwIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjU4YjA3NDllODc5ZWNjODNhMGJmYmY0N2NmOWUwYTkyIn0sImV4dCI6eyJkdCI6MTY2MDgzMDU4OTcxMH19 HTTP 302
https://rtbrennab.com/banner/in/show/?mid=403020835&pid=0&site=21921&sc=DE&usage_type=DCH&subid=1784856847&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=anarim.az&hostname=auc-banner-hz-4&site_id=0&spot_id=21921&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2a01:4a0:1338:92::11&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=99&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D21921%26source%3D1784856847%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D21921%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DPulsuz%252CVideo%252CYukle%252CMp3%252CYukle%252CShekil%252CYukle%252CKlipler%252CYukle%252CAnarim%252CAz%252CPulsuz%252CYuklemeler%252CSayti%252CVideolar%252CAxtar%252CYukle%252CVideodan%252Cmp3%252Cmp4%252C3gp%252Cyukle%252CWhatsapp%252CPlus%252Cyukle%252CShekiller%252CButun%252Caxtardiqlarinizi%252Cburada%252Ctapacaqsiniz%2520%26spot_id%3D21921%26p%3Dhttps%253A%252F%252Fanarim.az%252Fcomerica%252Findex.php%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C26%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D99&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Pulsuz%2CVideo%2CYukle%2CMp3%2CYukle%2CShekil%2CYukle%2CKlipler%2CYukle%2CAnarim%2CAz%2CPulsuz%2CYuklemeler%2CSayti%2CVideolar%2CAxtar%2CYukle%2CVideodan%2Cmp3%2Cmp4%2C3gp%2Cyukle%2CWhatsapp%2CPlus%2Cyukle%2CShekiller%2CButun%2Caxtardiqlarinizi%2Cburada%2Ctapacaqsiniz%20&stratagem= HTTP 302
https://btds.zog.link/in/912/?sid=21921&source=1784856847&idzone=0&w=1&h=1&mo=&ve=&site_id=21921&utm1=&utm2=&utm3=&utm4=&ad_tags=Pulsuz%2CVideo%2CYukle%2CMp3%2CYukle%2CShekil%2CYukle%2CKlipler%2CYukle%2CAnarim%2CAz%2CPulsuz%2CYuklemeler%2CSayti%2CVideolar%2CAxtar%2CYukle%2CVideodan%2Cmp3%2Cmp4%2C3gp%2Cyukle%2CWhatsapp%2CPlus%2Cyukle%2CShekiller%2CButun%2Caxtardiqlarinizi%2Cburada%2Ctapacaqsiniz%20&spot_id=21921&p=https%3A%2F%2Fanarim.az%2Fcomerica%2Findex.php&katds_labels=4,5,6,7,8,9,26,46,47,54,55,61,109&btype=0&score=99 HTTP 302
https://cdn.1vag.com/1x1.png

47 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

Primary Request index.php Show response
anarim.az/comerica/
Redirect Chain

http://anarim.az/comerica/index.php
https://anarim.az/comerica/index.php

15 KB
4 KB

281ms
146ms

Document
text/html

31.184.197.212
PINDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://anarim.az/comerica/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.184.197.212 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: 31-184-197-212.static.x5x-noc.ru
Software: nginx/1.20.2 / PHP/5.4.16
Resource Hash: 48ab0aceb46b29e47411bfc12a683f4db0863d583fad62bf1ba200dcb3d06997

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 18 Aug 2022 13:49:45 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Thu, 18 Aug 2022 13:49:45 GMT
Location: https://anarim.az:443/comerica/index.php
Server: nginx/1.20.2
Transfer-Encoding: chunked

GET
H/1.1 200
OK style.css
anarim.az/style/ 32 KB
7 KB 68ms
67ms Stylesheet
text/css 31.184.197.212
PINDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://anarim.az/style/style.css
Requested by: Host: anarim.az
URL: https://anarim.az/comerica/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.184.197.212 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: 31-184-197-212.static.x5x-noc.ru
Software: nginx/1.20.2 /
Resource Hash: 13941ea7bedc3a4a436e9d5050ff366419bc271e3a9922536efd457bf94862c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/comerica/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 13:49:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 20:20:08 GMT
Server: nginx/1.20.2
ETag: W/"6144f878-809f"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 25 Aug 2022 13:49:45 GMT

GET
H/1.1 404
Not Found zag.png
anarim.az/comerica/ 15 KB
15 KB 214ms
144ms Image
text/html 31.184.197.212
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anarim.az/comerica/zag.png
Requested by: Host: anarim.az
URL: https://anarim.az/comerica/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.184.197.212 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: 31-184-197-212.static.x5x-noc.ru
Software: nginx/1.20.2 / PHP/5.4.16
Resource Hash: 48ab0aceb46b29e47411bfc12a683f4db0863d583fad62bf1ba200dcb3d06997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/comerica/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 13:49:45 GMT
Content-Encoding: gzip
Server: nginx/1.20.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 ads-37.js Show response
kingads.mobi/push/ 3 KB
2 KB 149ms
47ms Script
application/javascript 2606:4700:3035::ac43:942e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kingads.mobi/push/ads-37.js
Requested by: Host: anarim.az
URL: https://anarim.az/comerica/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:942e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1d1e8219c59c7fd989065c308b77d6ac44cfe4131d20a9d6753b40586eb6e96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93171
cf-polished: origSize=3319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 14 Jun 2022 15:45:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJrv9l6f553bigTWP%2FwbnyeHlBwKWNfz654TUJWMY9ZIzCqsyr5CDPycma9ebWtTa045Gc2xjI61RNlIYssUCOkPhf%2FuVTGAtq%2BuWZ8FBDbF6dRVyqnGC%2B7AeCdd5IOfNqhzC%2F5rw%2FQBqEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 24 Aug 2022 11:56:54 GMT
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 73cb1d58bf826928-FRA
cf-bgj: minify

GET
H2 200 splash-d.min.js Show response
kingads.mobi/splash/az/ 431 KB
78 KB 157ms
56ms Script
application/javascript 2606:4700:3035::ac43:942e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kingads.mobi/splash/az/splash-d.min.js
Requested by: Host: anarim.az
URL: https://anarim.az/comerica/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:942e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14b639ead47064104ce71e414b2cc1bafc9a77f219f83a6542f7eac3ef352ccd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93171
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 22:57:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FK0ud%2F8rlQNoIsFE6n4Cc3eCK0tSl9ZJ2JyF8Zl%2Ff6j3eJF8yryD2vwaXmWFdmcuT1kgvAcRPyBuILAcB97BgHQPCuALVLy1Krw8sIIr4xMAvYSqPgYOlrKT3UcHf9MCrrNttet4EIb1oX8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 73cb1d58bf846928-FRA
expires: Wed, 24 Aug 2022 11:56:54 GMT

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 1 KB
863 B 326ms
39ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: anarim.az
URL: https://anarim.az/comerica/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 89ceaf2fba13343764ed6f07696d5b3a49b28daf865c3f6c204c218a4cd62e1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:45 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 06:52:04 GMT
server: nginx/1.18.0
etag: W/"62ce6b94-4e2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 13:54:45 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 anarim.az-box.min.js Show response
cdn.kingads.mobi/banner/ 170 B
723 B 182ms
46ms Script
text/html 2606:4700:3037::6815:3782
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kingads.mobi/banner/anarim.az-box.min.js
Requested by: Host: anarim.az
URL: https://anarim.az/comerica/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3782 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c786061497aa4ef11f05947de5c192fccb119fc48d9e94db00f07bb2e5e818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3679
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 Aug 2022 12:48:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2led6q1vPK%2BfUyQKe7YK0DuO58JaDsxAll6qEJCWdTVZBc5SCp16cprGboyl3x3ctk2MMg21Nc1TgcGwnpqHUjr5XrYe7gFnpmS6aIpGGHKB2n5BucbPGDOOxq%2F6TJwHsA%2FaR6Y5Bl0BMK1biEWO"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 73cb1d58f8b89137-FRA

GET
H2 200 ftBanneraz_v2_1081.min.js Show response
cdn.kingads.mobi/banner/ 8 KB
4 KB 185ms
49ms Script
text/html 2606:4700:3037::6815:3782
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kingads.mobi/banner/ftBanneraz_v2_1081.min.js
Requested by: Host: anarim.az
URL: https://anarim.az/comerica/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3782 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2ea193abfba38579b5f68be7a783b7fa1cc00ee1116999d7942ba439da617bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7052
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 Aug 2022 11:52:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjuEnhBsECmyBC7bRg%2BeO8eXnnn%2F3dR6%2BbPnihmZc55oFr9MDQeOFk7biAnDz2%2FkAUtrtBMdzsfiEZdk8XL5vtGCLiBSWt0BBlWssn4jAdxv3KAGII37wHMfQiQfkEdwS2Qb5VjC18ueSodOLGFs"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 73cb1d58f8b99137-FRA

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t24.6;r;s1600*1200*24;uhttps%3A//anarim.az/comerica/index.php;0.3144122313946165
https://counter.yadro.ru/hit?q;t24.6;r;s1600*1200*24;uhttps%3A//anarim.az/comerica/index.php;0.3144122313946165

140 B
626 B

74ms
74ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t24.6;r;s1600*1200*24;uhttps%3A//anarim.az/comerica/index.php;0.3144122313946165

Requested by

Host: anarim.az
URL: https://anarim.az/comerica/index.php

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

0a824f4a8cf9919ebd4da1ef59ebb08ff31d1d848b24eb00fcbe41c22853a80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 13:49:46 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 140
Expires: Tue, 17 Aug 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 13:49:45 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t24.6;r;s1600*1200*24;uhttps%3A//anarim.az/comerica/index.php;0.3144122313946165
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 17 Aug 2021 21:00:00 GMT

GET
H/1.1 200
OK blc3.gif
anarim.az/style/images/ 341 B
650 B 187ms
66ms Image
image/gif 31.184.197.212
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anarim.az/style/images/blc3.gif
Requested by: Host: anarim.az
URL: https://anarim.az/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.184.197.212 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: 31-184-197-212.static.x5x-noc.ru
Software: nginx/1.20.2 /
Resource Hash: d990308c06afa6645f72b5659c17d517f40e760b679ae0def2a7d3669cbd3643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 13:49:45 GMT
Last-Modified: Fri, 17 Sep 2021 20:20:08 GMT
Server: nginx/1.20.2
ETag: "6144f878-155"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 341
Expires: Thu, 25 Aug 2022 13:49:45 GMT

GET
H/1.1 200
OK 47.png
anarim.az/style/images/ 1 KB
1 KB 197ms
66ms Image
image/png 31.184.197.212
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anarim.az/style/images/47.png
Requested by: Host: anarim.az
URL: https://anarim.az/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.184.197.212 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: 31-184-197-212.static.x5x-noc.ru
Software: nginx/1.20.2 /
Resource Hash: dc70cac3314242edbbf6c7ec924bce987366223db5f2cc8eb7ece51ebaa0691a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 13:49:45 GMT
Last-Modified: Fri, 17 Sep 2021 20:20:08 GMT
Server: nginx/1.20.2
ETag: "6144f878-47f"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1151
Expires: Thu, 25 Aug 2022 13:49:45 GMT

GET
H/1.1 200
OK tl.png
anarim.az/style/images/ 369 B
678 B 202ms
70ms Image
image/png 31.184.197.212
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anarim.az/style/images/tl.png
Requested by: Host: anarim.az
URL: https://anarim.az/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.184.197.212 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: 31-184-197-212.static.x5x-noc.ru
Software: nginx/1.20.2 /
Resource Hash: beda37f5baf1a7775cae88322f9a62f9da63b42c68224a77cb58412e4bb4e164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 13:49:45 GMT
Last-Modified: Fri, 17 Sep 2021 20:20:08 GMT
Server: nginx/1.20.2
ETag: "6144f878-171"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 369
Expires: Thu, 25 Aug 2022 13:49:45 GMT

GET
H/1.1 200
OK hhh.gif
anarim.az/style/images/ 264 B
573 B 71ms
66ms Image
image/gif 31.184.197.212
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anarim.az/style/images/hhh.gif
Requested by: Host: anarim.az
URL: https://anarim.az/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.184.197.212 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: 31-184-197-212.static.x5x-noc.ru
Software: nginx/1.20.2 /
Resource Hash: 16dbdad75b9f810189f94e622b9574904ce2f0d2b0966b1868a2dfd7742c9f36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 13:49:45 GMT
Last-Modified: Fri, 17 Sep 2021 20:20:08 GMT
Server: nginx/1.20.2
ETag: "6144f878-108"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 264
Expires: Thu, 25 Aug 2022 13:49:45 GMT

GET
H2 200 micro.tag.min.js Show response
bigrourg.net/pfe/current/ 105 KB
39 KB 185ms
85ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bigrourg.net/pfe/current/micro.tag.min.js?z=3919215&sw=/sw-check-permissions-fc7ef.js
Requested by: Host: kingads.mobi
URL: https://kingads.mobi/push/ads-37.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c584cf80ced72ce0315cf02518f5fd656653431cc3a03d2fd5e8a83aa7d5c444

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 13:49:45 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 13:14:52 GMT
server: nginx
etag: W/"62fa46cc-1a2ed"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 / Show response
kingredirect.com/push/ 0
563 B 177ms
81ms XHR
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kingredirect.com/push/?id=37
Requested by: Host: kingads.mobi
URL: https://kingads.mobi/push/ads-37.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FJ7qRt2kB5HAvSjT%2BWgIZeBKzMLhV%2BIBTZNye53dIjM42OHKvBJeJIhC1G3aimvIxmiUqWB2Z1Y0Kcxt8IyyFVsWFzUu%2B%2F4NEcDwZcRNCe7yZZ4ODIJIVBrFzespdb1ukMsNLP7JgJuVwehFFOf"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-turbo-charged-by: LiteSpeed
cf-ray: 73cb1d59aeffbbcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK e.js Show response
cdn.trafficbass.com/libs/ 2 KB
2 KB 126ms
38ms Script
application/javascript 62.212.82.77
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.trafficbass.com/libs/e.js

Requested by

Host: anarim.az
URL: https://anarim.az/comerica/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

62.212.82.77 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

ab4c1348dc14f71f64eae26be8a0a449ec3d3a30ab5c239250beacb4057b0a3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 13:49:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block;
Last-Modified: Thu, 03 Mar 2022 13:55:26 GMT
Server: nginx
ETag: W/"6220c8ce-94a"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-PINGOTHER
Expires: Fri, 19 Aug 2022 13:49:45 GMT

GET
H2 204 5024561 Show response
glizauvo.net/401/ 0
356 B 138ms
43ms Script
text/plain 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glizauvo.net/401/5024561

Requested by

Host: cdn.kingads.mobi
URL: https://cdn.kingads.mobi/banner/anarim.az-box.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-trace-id: 7fcc82fd1cf04f1423a8c4510e2ad144
pragma: no-cache
date: Thu, 18 Aug 2022 13:49:45 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 137ms
48ms Stylesheet
text/css 2a00:1450:400e:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;400;500;600;700;800;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6bc4ce5337e19eb3b33c6f14c15be764b46c2a27008da286a5abc35890845053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 13:35:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 18 Aug 2022 13:49:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Aug 2022 13:49:45 GMT

GET
H2 200 / Show response
kingredirect.com/sabit/ 0
279 B 161ms
102ms XHR
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kingredirect.com/sabit/?id=1081
Requested by: Host: cdn.kingads.mobi
URL: https://cdn.kingads.mobi/banner/ftBanneraz_v2_1081.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=il0alPHNHc6DDUBZUt0qB0wiK%2BkE0RWXBRrKapLIlgyDxCa7D8VtHogMflczErwKFwO6xV2U7YvAclj0zzUXvcRneb0%2B6wHCvPZNufGx7sCnOCGOXfDCNeNY76wTQarO2DC5amB8gqaWsY8JOZD4"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-turbo-charged-by: LiteSpeed
cf-ray: 73cb1d59af01bbcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 diger.png
cdn.kingads.mobi/images/banner/ 2 KB
2 KB 49ms
48ms Image
image/png 2606:4700:3037::6815:3782
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.kingads.mobi/images/banner/diger.png
Requested by: Host: anarim.az
URL: https://anarim.az/comerica/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3782 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2323acdd7d12d6d05d16553e34d5b9aa3068c14e84ed23d9829145740b7219c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83335
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1935
last-modified: Tue, 18 Jan 2022 23:01:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKtrElop%2BoYfOF%2F9%2F5kYo2FcwwGvh22MAKnuXd8IyF0miO6HAU4%2FpFjHZsC1sv%2Ba9GrkFD2SEPG%2FqUPZwUW6lBNh4VXip1MZOjS%2BfX3CE3lZOFuZHNuWWyzKs0aw6C%2BXtBQIS%2FbxstMFOE6RmzVy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 73cb1d5949569137-FRA
expires: Wed, 24 Aug 2022 14:40:50 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
28 KB 125ms
47ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: kingads.mobi
URL: https://kingads.mobi/splash/az/splash-d.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 764619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fITa4IG78IkpfVXAE5yrRaBeq1Do4E6pSs6LI%2FoBOFzQ4IY93dHI79K6OKaJ0CN2aZyZXJO1YCVNZOVafwf11OLJLq4MkeVRXIA6SOSP%2FjMQrkFuVqKmV4p%2BLoaqrZTwV7oaMg0d11f9e0HphDHGXu%2Fm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73cb1d59fbe29191-FRA
expires: Tue, 08 Aug 2023 13:49:45 GMT

GET
H2 204 load Show response
z.cdn.trafficbass.com/ 0
279 B 132ms
38ms Script
text/plain 213.227.149.183
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.trafficbass.com/load?z=2096182924&div=zone_2096182924&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=858&pl=3&mi=4&me=8&hc=4&n=1660830585894&url=anarim.az%2Fcomerica%2Findex.php&vc=Intel%20Iris%20OpenGL%20Engine&ti=Pulsuz%20Video%20Yukle%2C%20Mp3%20Yukle%2C%20Shekil%20Yukle%2C%20Klipler%20Yukle&zyx=3787818789
Requested by: Host: cdn.trafficbass.com
URL: https://cdn.trafficbass.com/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 213.227.149.183 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 13:49:46 GMT
cache-control: no-cache, must-revalidate
expires: -1
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 85 KB
31 KB 119ms
41ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 960a0101f3bc46f4b7dc836a7417f5d0dda1bb734e04afa87ff9479030db8403

Request headers

Referer: https://anarim.az/
Origin: https://anarim.az
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:46 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 09:37:00 GMT
server: nginx/1.18.0
etag: W/"62f37c3c-1524f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 13:54:46 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 122ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://anarim.az
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 37526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Aug 2023 03:24:20 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 24 KB
25 KB 163ms
81ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://anarim.az
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 07:57:00 GMT
x-content-type-options: nosniff
age: 193966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25036
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 07:57:00 GMT

POST
H2 200 zone
bigrourg.net/ 0
248 B 48ms
48ms Ping
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bigrourg.net/zone?&pub=0&zone_id=3919215&is_mobile=false&domain=anarim.az&var=&ymid=&var_3=&dsig=&action=prerequest

Requested by

Host: bigrourg.net
URL: https://bigrourg.net/pfe/current/micro.tag.min.js?z=3919215&sw=/sw-check-permissions-fc7ef.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-trace-id: fd07da86d6cbf662ba508abb1b620bdc
date: Thu, 18 Aug 2022 13:49:46 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-origin: https://anarim.az
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 176ms
44ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=3919215&checkDuplicate=true&ymid=&var=

Requested by

Host: bigrourg.net
URL: https://bigrourg.net/pfe/current/micro.tag.min.js?z=3919215&sw=/sw-check-permissions-fc7ef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5af0e1d8bb27dbc2d7ebce9e44bad7bcad78bf742be80151a6b75924d35c8542

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:46 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://anarim.az
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 zone Show response
bigrourg.net/ 734 B
1018 B 133ms
43ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bigrourg.net/zone?&pub=0&zone_id=3919215&is_mobile=false&domain=anarim.az&var=&ymid=&var_3=&dsig=&action=settings

Requested by

Host: bigrourg.net
URL: https://bigrourg.net/pfe/current/micro.tag.min.js?z=3919215&sw=/sw-check-permissions-fc7ef.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f4e3555ea29cc80f2aa698582d5815c45d9f014f0155682ed89ee3bdae236444

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-trace-id: 5a8a51885edcb1cc0bd9752e337c67ae
date: Thu, 18 Aug 2022 13:49:46 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://anarim.az
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 734

GET
H2 200 14260 Show response
na.nawpush.com/tags/ 2 KB
2 KB 164ms
41ms XHR
application/json 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/14260?version_name=d
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 18da92e95cef4d5af376ae6f33786f1d05d981e26e1f80c2bc53d4dbf1dcec96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Aug 2022 13:49:46 GMT
cache-control: max-age=300, public
server: nginx/1.18.0
content-type: application/json
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
237 B 40ms
40ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:46 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 13:54:46 GMT
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 0
363 B 153ms
77ms XHR
text/plain 23.88.85.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=14260
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.85.6 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.85.88.23.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://anarim.az/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Thu, 18 Aug 2022 13:49:46 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://anarim.az
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 tags Show response
notification.tubecup.net/ 3 KB
3 KB 186ms
57ms XHR
application/json 88.198.209.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notification.tubecup.net/tags?tag_id=14260&timezone_olson=Etc/Unknown&version_name=d
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.209.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-209-13.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: ce3589946326d03bb879beaf7866f90f4bb59cec0b865398ed93c476db319f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 13:49:46 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 2887

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 230ms
39ms Preflight 23.88.85.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=14260
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.85.6 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.85.88.23.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://anarim.az
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://anarim.az
Connection: keep-alive
Date: Thu, 18 Aug 2022 13:49:46 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 track Show response
4f5ee1655d.f49113460e.com/in/ 0
207 B 207ms
82ms XHR
text/plain 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://4f5ee1655d.f49113460e.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI2NjYxMTQwNTY0NDk2NDI1MDAiLCJ0aW1lem9uZSI6MCwidmVyIjoiMy4zLjAiLCJ0YWdfaWQiOjE0MjYwLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiRXRjL1Vua25vd24iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiJQdWxzdXolMkNWaWRlbyUyQ1l1a2xlJTJDTXAzJTJDWXVrbGUlMkNTaGVraWwlMkNZdWtsZSUyQ0tsaXBsZXIlMkNZdWtsZSUyQ0FuYXJpbSUyQ0F6JTJDUHVsc3V6JTJDWXVrbGVtZWxlciUyQ1NheXRpJTJDVmlkZW9sYXIlMkNBeHRhciUyQ1l1a2xlJTJDVmlkZW9kYW4lMkNtcDMlMkNtcDQlMkMzZ3AlMkN5dWtsZSUyQ1doYXRzYXBwJTJDUGx1cyUyQ3l1a2xlJTJDU2hla2lsbGVyJTJDQnV0dW4lMkNheHRhcmRpcWxhcmluaXppJTJDYnVyYWRhJTJDdGFwYWNhcXNpbml6JTIwIn0=
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 13:49:46 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 build.m.js Show response
js.cabnnr.com/banner-admanager/ 44 KB
15 KB 158ms
53ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cabnnr.com/banner-admanager/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 72f209724976421f97be3c2beb55aa270544771ebaad24717c3cc7e9cc6ad7c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:46 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:00:56 GMT
server: nginx/1.18.0
etag: W/"62f64f08-b06e"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 13:54:46 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 npush.m.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 249 KB
67 KB 152ms
41ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 650430052da40e0ad6b1e0ec346aec0361f72276c71057ce1df0adb5adbc2468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:46 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 14:43:46 GMT
server: nginx/1.18.0
etag: W/"62fbad22-3e389"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 13:54:46 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 csub.m.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 52 KB
13 KB 252ms
141ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: ae76aab58df5505ae11ad294434acd86c398718cc15d0f4d7a92cf6953a42a38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:46 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 11:09:06 GMT
server: nginx/1.18.0
etag: W/"62eba8d2-d0c6"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 13:54:46 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 176ms
38ms XHR
text/plain 168.119.25.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=0&event_id=05cd38fe-1ca1-47d2-bbf6-7f6dcc8f706f&subid=1350127564&sid=3777001204&spot_id=11457&created_at=2022-08-18&timezone=0&ver=7.0.0&is_native=1
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.22 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.22.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 13:49:46 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 multy Show response
bd10698afb.f49113460e.com/in/ 7 KB
7 KB 1052ms
1050ms XHR
application/json 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bd10698afb.f49113460e.com/in/multy
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 89140ba4188f302663d3a1b12016facdb6fb175dee3bb7e03ae45c205d79dd2e

Request headers

Referer: https://anarim.az/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 13:49:48 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 7029

OPTIONS
H2 204 multy
bd10698afb.f49113460e.com/in/ Frame 0
0 248ms
38ms Preflight 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bd10698afb.f49113460e.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://anarim.az
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Thu, 18 Aug 2022 13:49:47 GMT
pragma: no-cache
server: nginx/1.18.0
vary: Origin

GET
H3 200 diger.png
kingads.mobi/images/ 7 KB
8 KB 51ms
50ms Image
image/png 2606:4700:3037::6815:3782
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kingads.mobi/images/diger.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3782 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9af573ffcefd56601bf1cae9dfe1a0f3d110091cec8a1fdd8a32128dda84d09f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 92418
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7435
last-modified: Tue, 18 Jan 2022 23:04:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoCLx6%2Bw%2F%2B8cCGgDbihkH7NCk44K%2FzBaGvq9sDLgmwEGosKCPwMbc8HN2Nyf%2BFXfu9uPPyIJIbQVRE5jnEBgiofIZDOk9zUl4HrRlRzS7Oxo24kASmm85bJ4ty5GfRt%2FQlJ8RUrCHwcUfYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 73cb1d632c07996e-FRA
expires: Wed, 24 Aug 2022 12:09:29 GMT

GET
H2

200

PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp
static.bookmsg.com/creatives/PH/
Redirect Chain

https://bd10698afb.f49113460e.com/in/show/?mid=1627218719&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=1350127564&sid=3777001204&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=9...
https://static.bookmsg.com/creatives/PH/PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp

1 KB
1 KB

37ms
37ms

Image
image/webp

159.69.167.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/PH/PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp
Protocol: H2
Server: 159.69.167.66 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.167.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6260f227e2c7cb24b61a7221f1093acd7b826742b722e8bd00d866e555d873c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:48 GMT
last-modified: Tue, 24 Nov 2020 14:22:23 GMT
server: nginx/1.18.0
etag: "5fbd171f-4d6"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 1238

Redirect headers

pragma: no-cache
date: Thu, 18 Aug 2022 13:49:48 GMT
server: nginx/1.18.0
access-control-allow-origin: *
vary: Origin
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/PH/PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp
static.bookmsg.com/creatives/PH/ 1 KB
1 KB 120ms
38ms Image
image/webp 159.69.167.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/PH/PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.167.66 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.167.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6260f227e2c7cb24b61a7221f1093acd7b826742b722e8bd00d866e555d873c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anarim.az/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:48 GMT
last-modified: Tue, 24 Nov 2020 14:22:23 GMT
server: nginx/1.18.0
etag: "5fbd171f-4d6"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 1238

GET
H2

200

PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp
static.bookmsg.com/creatives/PH/ Frame E88C
Redirect Chain

https://bd10698afb.f49113460e.com/in/show/?mid=1627218719&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=1350127564&sid=3777001204&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=9...
https://static.bookmsg.com/creatives/PH/PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp

1 KB
1 KB

37ms
37ms

Image
image/webp

159.69.167.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/PH/PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp
Protocol: H2
Server: 159.69.167.66 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.167.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6260f227e2c7cb24b61a7221f1093acd7b826742b722e8bd00d866e555d873c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:48 GMT
last-modified: Tue, 24 Nov 2020 14:22:23 GMT
server: nginx/1.18.0
etag: "5fbd171f-4d6"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 1238

Redirect headers

pragma: no-cache
date: Thu, 18 Aug 2022 13:49:48 GMT
server: nginx/1.18.0
access-control-allow-origin: *
vary: Origin
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/PH/PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a15164c46f901a947fcf243fe107b83fdf1ea8d394d2bda73f569daf5666e59e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a222ed6fc63d91d555c29e1880905ca4340fa8c23a1f6d2d58c6048b14ee3d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 270a637e9c97cd0ce2b8860fdddf496b483ce586711e1fb7527eb8c5e0d5746e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05882fa4e821333fb62a4a8d07b7c451e6efbabfa9f3d4946ba9cb54dfb0f04b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bbfdebcfc2568412d851a7de0def80e6e12bbf31716f940d9f5bfcf354344a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E88C 453 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09a64fe657664c65fab31e300aa48959332ff665a54c6d904ef544b97c79a4ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp
static.bookmsg.com/creatives/PH/ Frame E88C 1 KB
1 KB 116ms
37ms Image
image/webp 159.69.167.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/PH/PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.167.66 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.167.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6260f227e2c7cb24b61a7221f1093acd7b826742b722e8bd00d866e555d873c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:49:48 GMT
last-modified: Tue, 24 Nov 2020 14:22:23 GMT
server: nginx/1.18.0
etag: "5fbd171f-4d6"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 1238

GET /
rtbrennab.com/get/ Frame FADF 0
0

GET
H2

200

1x1.png Show response
cdn.1vag.com/ Frame 72F6
Redirect Chain

https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiUHVsc3V6JTJDVmlkZW8lMkNZdWtsZSUyQ01wMyUy...
https://rtbrennab.com/banner/in/show/?mid=403020835&pid=0&site=21921&sc=DE&usage_type=DCH&subid=1784856847&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=a...
https://btds.zog.link/in/912/?sid=21921&source=1784856847&idzone=0&w=1&h=1&mo=&ve=&site_id=21921&utm1=&utm2=&utm3=&utm4=&ad_tags=Pulsuz%2CVideo%2CYukle%2CMp3%2CYukle%2CShekil%2CYukle%2CKlipler%2CYu...
https://cdn.1vag.com/1x1.png

68 B
334 B

146ms
41ms

Document
image/png

45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.1vag.com/1x1.png
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://anarim.az/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 68
content-type: image/png
date: Thu, 18 Aug 2022 13:49:50 GMT
etag: "5e970c67-44"
expires: Thu, 18 Aug 2022 14:49:50 GMT
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
server: nginx/1.20.1
x-proxy-cache: HIT
x-request-id: de54568a2a22f8dbe69545a87e8b4c4f

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 18 Aug 2022 13:49:50 GMT
location: https://cdn.1vag.com/1x1.png
pragma: no-cache
server: nginx/1.20.1
vary: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rtbrennab.com
URL: https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiUHVsc3V6JTJDVmlkZW8lMkNZdWtsZSUyQ01wMyUyQ1l1a2xlJTJDU2hla2lsJTJDWXVrbGUlMkNLbGlwbGVyJTJDWXVrbGUlMkNBbmFyaW0lMkNBeiUyQ1B1bHN1eiUyQ1l1a2xlbWVsZXIlMkNTYXl0aSUyQ1ZpZGVvbGFyJTJDQXh0YXIlMkNZdWtsZSUyQ1ZpZGVvZGFuJTJDbXAzJTJDbXA0JTJDM2dwJTJDeXVrbGUlMkNXaGF0c2FwcCUyQ1BsdXMlMkN5dWtsZSUyQ1NoZWtpbGxlciUyQ0J1dHVuJTJDYXh0YXJkaXFsYXJpbml6aSUyQ2J1cmFkYSUyQ3RhcGFjYXFzaW5peiUyMCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDI2LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjE3ODQ4NTY4NDciLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjoyMTkyMSwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjAsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIyMTkyMSIsImNhdCI6WyJJQUIyNCJdLCJwYWdlIjoiaHR0cHM6Ly9hbmFyaW0uYXovY29tZXJpY2EvaW5kZXgucGhwIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjU4YjA3NDllODc5ZWNjODNhMGJmYmY0N2NmOWUwYTkyIn0sImV4dCI6eyJkdCI6MTY2MDgzMDU4OTcxMH19

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-20 14:05:06	Name: FTID Value: 1Y_aDv3lPUuN1Y_aDv0019sf
z.cdn.trafficbass.com/	1970-01-20 14:56:30	Name: AU Value: aad7452b47f055f2
.yadro.ru/	1970-01-20 14:05:06	Name: VID Value: 26gGHn3xBQ8N1Y_aDw0019tC
my.rtmark.net/	1970-01-20 14:06:06	Name: ID Value: 30d3be4fc4804499a0c6daa51d54678f
fp.metricswpsh.com/	1970-01-20 14:06:06	Name: id Value: 15457795830779144142
btds.zog.link/	1970-01-20 05:21:56	Name: 912.0 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://anarim.az/comerica/index.php Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://anarim.az/comerica/zag.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://anarim.az/comerica/index.php Message: Refused to execute script from 'https://glizauvo.net/401/5024561' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f5ee1655d.f49113460e.com
anarim.az
bd10698afb.f49113460e.com
bigrourg.net
btds.zog.link
cdn.1vag.com
cdn.kingads.mobi
cdn.trafficbass.com
cdnjs.cloudflare.com
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
fp.metricswpsh.com
glizauvo.net
js.cabnnr.com
js.wpadmngr.com
js.wpushsdk.com
kingads.mobi
kingredirect.com
my.rtmark.net
na.nawpush.com
nereserv.com
notification.tubecup.net
rtbrennab.com
static.bookmsg.com
z.cdn.trafficbass.com
rtbrennab.com
139.45.195.8
139.45.197.236
139.45.197.251
159.69.167.66
168.119.25.22
213.227.149.183
23.88.85.6
2606:4700:3035::ac43:942e
2606:4700:3037::6815:3782
2606:4700::6811:190e
2a00:1450:4001:830::2003
2a00:1450:400e:80d::200a
2a01:4f8:c0:33d8::1
2a01:4f8:e0:19cb::1
2a02:128:7:5940::3
2a06:98c1:3120::c
31.184.197.212
45.133.44.24
45.133.44.25
62.212.82.77
88.198.209.13
88.212.201.198
05882fa4e821333fb62a4a8d07b7c451e6efbabfa9f3d4946ba9cb54dfb0f04b
09a64fe657664c65fab31e300aa48959332ff665a54c6d904ef544b97c79a4ac
0a824f4a8cf9919ebd4da1ef59ebb08ff31d1d848b24eb00fcbe41c22853a80b
13941ea7bedc3a4a436e9d5050ff366419bc271e3a9922536efd457bf94862c3
14b639ead47064104ce71e414b2cc1bafc9a77f219f83a6542f7eac3ef352ccd
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16dbdad75b9f810189f94e622b9574904ce2f0d2b0966b1868a2dfd7742c9f36
18da92e95cef4d5af376ae6f33786f1d05d981e26e1f80c2bc53d4dbf1dcec96
24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56
270a637e9c97cd0ce2b8860fdddf496b483ce586711e1fb7527eb8c5e0d5746e
39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e
3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536
44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd
48ab0aceb46b29e47411bfc12a683f4db0863d583fad62bf1ba200dcb3d06997
506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604
5af0e1d8bb27dbc2d7ebce9e44bad7bcad78bf742be80151a6b75924d35c8542
6260f227e2c7cb24b61a7221f1093acd7b826742b722e8bd00d866e555d873c2
629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64c786061497aa4ef11f05947de5c192fccb119fc48d9e94db00f07bb2e5e818
650430052da40e0ad6b1e0ec346aec0361f72276c71057ce1df0adb5adbc2468
65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a
6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7
6bbfdebcfc2568412d851a7de0def80e6e12bbf31716f940d9f5bfcf354344a6
6bc4ce5337e19eb3b33c6f14c15be764b46c2a27008da286a5abc35890845053
72f209724976421f97be3c2beb55aa270544771ebaad24717c3cc7e9cc6ad7c7
833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69
89140ba4188f302663d3a1b12016facdb6fb175dee3bb7e03ae45c205d79dd2e
89ceaf2fba13343764ed6f07696d5b3a49b28daf865c3f6c204c218a4cd62e1e
960a0101f3bc46f4b7dc836a7417f5d0dda1bb734e04afa87ff9479030db8403
9af573ffcefd56601bf1cae9dfe1a0f3d110091cec8a1fdd8a32128dda84d09f
9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8
a15164c46f901a947fcf243fe107b83fdf1ea8d394d2bda73f569daf5666e59e
a222ed6fc63d91d555c29e1880905ca4340fa8c23a1f6d2d58c6048b14ee3d96
ab4c1348dc14f71f64eae26be8a0a449ec3d3a30ab5c239250beacb4057b0a3e
ae76aab58df5505ae11ad294434acd86c398718cc15d0f4d7a92cf6953a42a38
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62
beda37f5baf1a7775cae88322f9a62f9da63b42c68224a77cb58412e4bb4e164
c1d1e8219c59c7fd989065c308b77d6ac44cfe4131d20a9d6753b40586eb6e96
c584cf80ced72ce0315cf02518f5fd656653431cc3a03d2fd5e8a83aa7d5c444
ce3589946326d03bb879beaf7866f90f4bb59cec0b865398ed93c476db319f02
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
d2ea193abfba38579b5f68be7a783b7fa1cc00ee1116999d7942ba439da617bd
d990308c06afa6645f72b5659c17d517f40e760b679ae0def2a7d3669cbd3643
dc70cac3314242edbbf6c7ec924bce987366223db5f2cc8eb7ece51ebaa0691a
e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2323acdd7d12d6d05d16553e34d5b9aa3068c14e84ed23d9829145740b7219c
f4e3555ea29cc80f2aa698582d5815c45d9f014f0155682ed89ee3bdae236444
fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d

anarim.az Open in urlscan Pro 31.184.197.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

91 %HTTPS

41 %IPv6

23 Domains

26 Subdomains

21 IPs

8 Countries

399 kBTransfer

1225 kBSize

6 Cookies

8 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

anarim.az Open in urlscan Pro
31.184.197.212 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

91 %
HTTPS

41 %
IPv6

23
Domains

26
Subdomains

21
IPs

8
Countries

399 kB
Transfer

1225 kB
Size

6
Cookies

47 HTTP transactions
19 data transactions