live4x-afrikans.tk Open in urlscan Pro
31.129.244.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://live4x-afrikans.tk/
Submission: On February 01 via api (February 1st 2022, 3:56:54 am UTC) from VN — Scanned from DE

Summary HTTP 158 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 47 IPs in 8 countries across 53 domains to perform 158 HTTP transactions. The main IP is 31.129.244.168, located in Kyiv, Ukraine and belongs to MELNYCHENKO-AS, UA. The main domain is live4x-afrikans.tk.
TLS certificate: Issued by R3 on February 1st 2022. Valid for: 3 months.

This is the only time live4x-afrikans.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	31.129.244.168 31.129.244.168	207422 (MELNYCHEN...) (MELNYCHENKO-AS)
10	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	95.181.171.231 95.181.171.231	50214 (QWARTA) (QWARTA)
3	87.240.190.78 87.240.190.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
9	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 21	46.4.114.109 46.4.114.109	24940 (HETZNER-AS) (HETZNER-AS)
9	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:1::11 2a02:2638:1::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	188.42.29.165 188.42.29.165	7979 (SERVERS-COM) (SERVERS-COM)
1 1	157.90.179.219 157.90.179.219	24940 (HETZNER-AS) (HETZNER-AS)
4	195.201.243.72 195.201.243.72	24940 (HETZNER-AS) (HETZNER-AS)
2 2	194.190.76.45 194.190.76.45	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	195.209.108.48 195.209.108.48	52007 (ADRIVER-AS) (ADRIVER-AS)
2	81.222.128.216 81.222.128.216	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:303... 2606:4700:3039::6815:c07c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	194.190.117.94 194.190.117.94	204600 (REPUBLER-AS) (REPUBLER-AS)
2 4	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.103.21 37.18.103.21	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.144 185.15.175.144	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	138.201.65.74 138.201.65.74	24940 (HETZNER-AS) (HETZNER-AS)
2 2	78.46.16.13 78.46.16.13	24940 (HETZNER-AS) (HETZNER-AS)
1 1	144.76.138.28 144.76.138.28	24940 (HETZNER-AS) (HETZNER-AS)
1 1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1 2	88.99.149.88 88.99.149.88	24940 (HETZNER-AS) (HETZNER-AS)
1 1	80.64.106.152 80.64.106.152	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	176.122.21.139 176.122.21.139	48096 (ITGRAD) (ITGRAD)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
6 6	217.66.147.164 217.66.147.164	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 2	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1 1	148.251.156.238 148.251.156.238	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.108.1.47 65.108.1.47	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2 3	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
2	2606:4700:10:... 2606:4700:10::6816:457	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	88.212.233.108 88.212.233.108	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2 4	185.15.175.131 185.15.175.131	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
158	47

10 31.129.244.168 (Kyiv, Ukraine)

ASN207422 (MELNYCHENKO-AS, UA)

live4x-afrikans.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mini-sam.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
it-koder.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.181.171.231 (Russian Federation)

ASN50214 (QWARTA, RU)
PTR: asrv231.qwarta.ru

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.240.190.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 46.4.114.109 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271137.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.29.165 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.179.219 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1407627.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.201.243.72 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.76.45 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.48 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c07c (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.94 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.172.81.172 (Muehlheim am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.158 (Muehlheim am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.21 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.144 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.65.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.65.201.138.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.16.13 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-2.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.138.28 (Thale, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-3.community.moscow

28b15f3b-1791-4769-a82e-16e6e8b40bea.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Laren, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.149.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dmc-test-dn3

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.152 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr7.rutarget.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.122.21.139 (Novorossiysk, Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0100007f80aff861e4059f5a02906943-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 217.66.147.164 (St Petersburg, Russian Federation) 6 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-164-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Moscow, Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.193.58.13 (Russian Federation) 2 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.156.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.156.251.148.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.1.47 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.47.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.119.28 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:457 (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.233.108 (Russian Federation)

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.131 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	criteo.net static.criteo.net — Cisco Umbrella Rank: 645 csm.eu.criteo.net — Cisco Umbrella Rank: 7881 pix.eu.criteo.net — Cisco Umbrella Rank: 7730	799 KB
25	acint.net 1 redirects www.acint.net — Cisco Umbrella Rank: 35385 acint.net — Cisco Umbrella Rank: 28552	18 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	264 KB
9	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14362 ads.eu.criteo.com — Cisco Umbrella Rank: 7925 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10541 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 13370	81 KB
9	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	42 KB
8	mts.ru 8 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 34403 tech.rtb.mts.ru — Cisco Umbrella Rank: 35053	5 KB
7	live4x-afrikans.tk live4x-afrikans.tk	374 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 121910 dmg.digitaltarget.ru — Cisco Umbrella Rank: 24900	22 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 592 syndication.twitter.com — Cisco Umbrella Rank: 844	149 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	153 KB
4	bumlam.com 2 redirects sync.bumlam.com — Cisco Umbrella Rank: 2736	2 KB
4	adriver.ru 2 redirects ad.adriver.ru — Cisco Umbrella Rank: 24531 ssp.adriver.ru — Cisco Umbrella Rank: 13446	2 KB
3	advarkads.com s3.advarkads.com — Cisco Umbrella Rank: 107349 api.advarkads.com — Cisco Umbrella Rank: 30415	8 KB
3	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13701	1 KB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 33494 28b15f3b-1791-4769-a82e-16e6e8b40bea.sync.upravel.com	2 KB
3	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1818	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	113 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
3	vk.com vk.com — Cisco Umbrella Rank: 5015	5 KB
3	sape.ru 1 redirects cdn-rtb.sape.ru — Cisco Umbrella Rank: 72833 ssp-rtb.sape.ru — Cisco Umbrella Rank: 37547	72 KB
2	gstatic.com fonts.gstatic.com	91 KB
2	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 3286	665 B
2	konnektu.ru 2 redirects pixel.konnektu.ru — Cisco Umbrella Rank: 94580	330 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10065	500 B
2	rktch.com 1 redirects ut.rktch.com — Cisco Umbrella Rank: 45473	683 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 12235	815 B
2	adsniper.ru 2 redirects sync3.adsniper.ru — Cisco Umbrella Rank: 12418	1 KB
2	republer.com 2 redirects sync.republer.com — Cisco Umbrella Rank: 49095	950 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 10726	826 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8028	914 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8294	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	83 KB
2	it-koder.tk it-koder.tk	56 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1009 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	5 KB
1	gnezdo.ru fcgi4.gnezdo.ru — Cisco Umbrella Rank: 76831	188 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 48668	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 45116	455 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11367	208 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 25947	176 B
1	beeline.ru 1 redirects 0100007f80aff861e4059f5a02906943-sp.ops.beeline.ru	635 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 56157	163 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 215066	416 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 114006	304 B
1	relap.io relap.io — Cisco Umbrella Rank: 29912
1	adlmerge.com adlmerge.com — Cisco Umbrella Rank: 167542	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru — Cisco Umbrella Rank: 235817	108 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 21128	69 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 31804	239 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 48913	818 B
1	mail.ru ad.mail.ru — Cisco Umbrella Rank: 7967	764 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	649 B
1	mini-sam.ru mini-sam.ru	22 KB
158	53

	Domain	Requested by
21	static.criteo.net	ads.eu.criteo.com
21	www.acint.net	1 redirects live4x-afrikans.tk cdn-rtb.sape.ru www.acint.net
10	pagead2.googlesyndication.com	live4x-afrikans.tk pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net live4x-afrikans.tk
7	live4x-afrikans.tk	live4x-afrikans.tk
6	csm.eu.criteo.net	ads.eu.criteo.com
6	sm.rtb.mts.ru	6 redirects
5	pix.eu.criteo.net	ads.eu.criteo.com
4	www.facebook.com	connect.facebook.net www.facebook.com
4	dmg.digitaltarget.ru	2 redirects www.acint.net
4	sync.bumlam.com	2 redirects www.acint.net
4	acint.net	www.acint.net
4	platform.twitter.com	live4x-afrikans.tk platform.twitter.com
3	cat.nl.eu.criteo.com	ads.eu.criteo.com
3	x01.aidata.io	2 redirects www.acint.net
3	ads.betweendigital.com	2 redirects www.acint.net
3	ads.eu.criteo.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	vk.com	live4x-afrikans.tk vk.com
2	fonts.gstatic.com	fonts.googleapis.com
2	s3.advarkads.com	www.acint.net s3.advarkads.com
2	an.yandex.ru	1 redirects www.acint.net
2	pixel.konnektu.ru	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	sync.1dmp.io	1 redirects www.acint.net
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync3.adsniper.ru	2 redirects
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	syndication.twitter.com	platform.twitter.com live4x-afrikans.tk
2	counter.yadro.ru	1 redirects live4x-afrikans.tk
2	connect.facebook.net	live4x-afrikans.tk connect.facebook.net
2	cdn-rtb.sape.ru	live4x-afrikans.tk cdn-rtb.sape.ru
2	it-koder.tk	live4x-afrikans.tk
1	www.google.com	tpc.googlesyndication.com
1	fonts.googleapis.com	cdnjs.cloudflare.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	api.advarkads.com	s3.advarkads.com
1	rtb.nl.eu.criteo.com	live4x-afrikans.tk
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	0100007f80aff861e4059f5a02906943-sp.ops.beeline.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	relap.io	www.acint.net
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	28b15f3b-1791-4769-a82e-16e6e8b40bea.sync.upravel.com	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	mini-sam.ru	live4x-afrikans.tk
158	69

This site contains links to these domains. Also see Links.

Domain
www.donationalerts.com
rtb.sape.ru
vk.com
kshop5.pro
www.liveinternet.ru

Subject Issuer	Validity	Valid
live4x-afrikans.tk R3	`2022-02-01` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
mini-sam.ru R3	`2021-12-01` - `2022-03-01`	3 months	crt.sh
it-koder.tk R3	`2022-02-01` - `2022-05-02`	3 months	crt.sh
*.sape.ru R3	`2021-12-17` - `2022-03-17`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-10` - `2022-02-08`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.acint.net R3	`2021-12-16` - `2022-03-16`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-04`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
relap.io GeoTrust RSA CA 2018	`2021-08-26` - `2022-09-26`	a year	crt.sh
new-programmatic.com R3	`2022-01-21` - `2022-04-21`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.bumlam.com R3	`2021-12-08` - `2022-03-08`	3 months	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-06`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-25`	3 months	crt.sh
*.advarkads.com GlobalSign GCC R3 DV TLS CA 2020	`2022-01-02` - `2023-02-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://live4x-afrikans.tk/
Frame ID: 1799D5789A7F7B454721125620FA9B85
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: 3C5F0400481EACD4DACFDD5F40C9DB30
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Flive4x-afrikans.tk
Frame ID: 3F00AB56A9FEB3534B094BFB1C318F67
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&adk=1812271804&adf=3025194257&lmt=1643687808&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flive4x-afrikans.tk%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643687808297&bpp=117&bdt=259&idt=248&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5548044431223&frm=20&pv=2&ga_vid=1776941803.1643687809&ga_sid=1643687809&ga_hid=2147196317&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064527%2C31063222&oid=2&pvsid=1034017684445270&pem=633&tmod=1437782944&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=263
Frame ID: 1CE0ACAD7BBE82620668EA9E7F929771
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&h=600&slotname=4059907525&adk=414549888&adf=2428413711&pi=t.ma~as.4059907525&w=160&lmt=1643687808&psa=0&format=160x600&url=https%3A%2F%2Flive4x-afrikans.tk%2F&flash=0&alternate_ad_url=http%3A%2F%2Fmini-sam.ru%2Fclicksor.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643687808421&bpp=3&bdt=383&idt=144&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5548044431223&frm=20&pv=1&ga_vid=1776941803.1643687809&ga_sid=1643687809&ga_hid=2147196317&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=25&ady=724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064527%2C31063222&oid=2&pvsid=1034017684445270&pem=633&tmod=1437782944&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ttt3G6awZP&p=https%3A//live4x-afrikans.tk&dtd=149
Frame ID: 1A1695A65ABD19E54E8BCAC6530164FD
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&h=90&slotname=5452671033&adk=3831289261&adf=775728417&pi=t.ma~as.5452671033&w=728&lmt=1643687808&psa=0&format=728x90&url=https%3A%2F%2Flive4x-afrikans.tk%2F&flash=0&alternate_ad_url=http%3A%2F%2Fmini-sam.ru%2Fclicksor_700_90.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643687808424&bpp=1&bdt=386&idt=148&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=5548044431223&frm=20&pv=1&ga_vid=1776941803.1643687809&ga_sid=1643687809&ga_hid=2147196317&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=203&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064527%2C31063222&oid=2&pvsid=1034017684445270&pem=633&tmod=1437782944&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PrHs913ZM6&p=https%3A//live4x-afrikans.tk&dtd=151
Frame ID: CD2D9577E7CEC27F8411B192FF7F8E99
Requests: 8 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.8f764d5bd2778f88121d31d7d8d8e1e3.en.html
Frame ID: 78DD8695E159E6C75B5188DFEF96D4D7
Requests: 2 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14
Frame ID: 8DDF9CAE3F22A476175290E58FD98FD5
Requests: 35 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfivgAAJt54Iu8hTAAdVEZerGject8pex4hP-g&u=%7CNdDCp0RUOaa1H7QDJeJzPdICAMW5jkZDEZJtiV3J%2Bps%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wciotc80JgXfDRVas-O7ztttMgI1tkZc1uNlkTTa21FcITX126J2ChD9BjGxbaZ-XbmkJyCXiDLdaqXs9TM4JNAlrQuQTtyiI-eLcKItmgLVTmvawZjP7x4jzDVEI1-bw3xCLOR5kcFy3uYQ7WS89p_N_RdxVgK5n-r_x5wcnsSrwwR7xg6yeaTCKVfHzkIo6lZhlRM9AzH0dnx13xle-UXlYXXcHDdp3mhrouTt28WyluSpKpa4jwZfw__0ygPIscJ7r8QYZgQPwPe-SBzZm0PrCsUc_wSQG5_2yQd8x0CZAVQNl1EDpYGPgdgWDC5-cCx7-z1zGtIm_znrYnjBx1Vydal_HCX5PUsBX1Y6AhzdSosnnuyEyRTAnm5MHwQzJMg1I3CiWM__9p5fK0gC9b3Bj7FQbUd8kg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfVQXgK_4YZ7vJtOQ7_UPkaqd0ArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc2MTk1NjYxNjAyNjM2MTigAdW20uoDyAEJqQJMWi2u6NeyPqgDAaoEwAFP0FG3jWqL3MQdu4LO8WfFXkMau7Rj-twkGfT6Xjr_uavPy7Dx6rcOCJKNGIN3ydJtYwMwLW1WLbyrycEQOQ14moRBoAM6KHPps_eLTNy7c1TBZzMM6WixlvMFlAaWAd2vICJZ0gt4QPJBYNFEFYk5C-sJso2k4ENwv50zG9hVg14-PdSYjgZDfkerhNGQRVaUp-weJtFZwwD-7bTNVasRgP-Ym0z3yK9wggifW9NhNDppCD0CTyMbbFBEyDRc12WABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30U1cVnzffLs6OnQ6CLp6VrKggDA%26client%3Dca-pub-7619566160263618%26adurl%3D
Frame ID: 3077C3E6E52B9E5B7EA3216F6E939BAF
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfivgAAJuVwIu-KWAA8L_HeHOTOzJhCS7yauLg&u=%7CNdDCp0RUOab7ZB1p5uQDuXhvA4lj5W%2B6xatPXpjP7M4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKV5ggHwXpVkDjMEb-TC-iqQs9ndGqcSpJXwbyfsTxkMIBEz7v9QJSQe72K65Q7I96fVWTETjML55-KBfASuiEo1WBcUriw1bVzWoUBxytjzIwbpM52AoSl2EeeNV3aOM32c0oPmWmew-l8a4seVculmd93FVkEC-UInoqcnQik1IvHqyUCqluC0_eJa8ErKpZLFRN8yvjK7z73tjJBSBY-tZ4d5_eIM4KyG1z98rCSEh564VigDgaIzPQH1U_ClGRTynzB_I_9tPp5mGAaT67Q00JO3h38g-oB5fdVAh5S6z4uAfX6wCZka2KQKMs1IuLPBY5A2M7BiXaHI2YWkhwaceOjl8t67PL7BE-NouFEAEHQs-gSUjijKXopOW4E5inKbP63_O4cMGbH9XxSb6kWSm6ipWcBttt4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSKSygK_4YdzyJpbF7_UP_Je82ArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc2MTk1NjYxNjAyNjM2MTigAdW20uoDyAEJqQKHqcZSztmyPqgDAaoExwFP0HavdlzhZAQuWwya6bMyo4S5Gbc4azDzeISXdCXPY4CGTUR62BcgZQj0A1dBHAiPfL7C04OPE_b7px2E59c513jLt65-uiyvpRAY1Z5N2hD-YOMjOiFgxByCnORyORtROexFSeqgZ2MNZuKOL-jdTKS8BUTYVizpUYs2o-EHM_Je3IN1CwOYHjD_n2W-o7rNb8krBN6zzYM2qRn6swzbVo-RgpKlvsTv7sJMt1EaYBR9ha_7FSUfsHkEr0W9-hKUif0m51gygAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3iVLNJyN6LKYG-6WzpM9-21pwYLQ%26client%3Dca-pub-7619566160263618%26adurl%3D
Frame ID: 33EE10BB0D93614C8141A05480705BF7
Requests: 11 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F80AFF861E4059F5A02906943
Frame ID: 61403DB06AD7203837343505BE6E6060
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Frame ID: 813C602B58EF0E304BB189E95DDD4DB3
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfivgAAJubUIu8-zAAt4wIDGpDKoQUUp3jQtcQ&u=%7CNdDCp0RUOaYT0VoYq2JjVqs62LlO78whPhH%2FtKldJPQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wciotc80JgXfDRVas-O7zttyGUPG0x0aWk2coCu8c4vxpcMWvcgHr84uErhgFA3lZ8LbPJtCidZcqCOTlkNPhYdIYbEFpZdhaAuIi-QSSZWarWhyKL5kwEsLoavPP2QtOCJ3NcKOwOj_I_CA_5V1rtZVr2w3xinCdMByxprYMRG2KorU3wvKJ7rHAgvZO8vfmiJ_2DdR8Hsixu6uqFtPPPX-TOKIDyp2Yl7QWxPi1B_DsS_qUtZZUOGAlwXVQ-zZ5F4FVBqY13XJkfpdoG22rd7dyyzmrYmDzYAvpouu_Tpv4yee_ibsOHNgN8W7tb6CBuzx_GmiIZRsiHRzCAZ1JAufmIlSDC9yiGx82csG21W2SR__vBYmg_5XQI7_oVrJl13sOYtn2Ma5hldjkwQ9bSeolwBTDVEWR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXWkGgK_4YbXzJrOf7_UPwPGt-ATJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc2MTk1NjYxNjAyNjM2MTigAdW20uoDyAEJqQJMWi2u6NeyPqgDAaoEwgFP0J1yjAeU4vOVdtWrulgdJIDl7HzLc9hIJU5HL2Y8V7Q68ZFle0r9W851JOEBbM9bJsWCkVqnZUBtitLOslvxkFW4J8b7UL6qx8h4WEskTDr5a-rB71Ro_I_QKPJcj0Bbic0NAkXEpbiaTXO3CGfRQNln3f4Gr7E0ya240t66y_RJGLtaiPAptoIG8PkPigGfhvozNNVgU0LkAuN-x1xHxOALiPMZiZECvMZ7lyjjvRxj1PwcwPIJKPikmlf0HF7bn4AG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Eflr_ieR8Ye0zgKCKz5wcJ1ojKQ%26client%3Dca-pub-7619566160263618%26adurl%3D
Frame ID: 32B4E917BA2DB6A5EA0521AD0360B98C
Requests: 20 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/share_button.php?app_id=1703687853256452&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6c65935b8dba4%26domain%3Dlive4x-afrikans.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flive4x-afrikans.tk%252Ff5d178587a9d58%26relation%3Dparent.parent&container_width=91&href=https%3A%2F%2Flive4x-afrikans.tk%2F&layout=button&locale=ru_RU&mobile_iframe=true&sdk=joey&size=small
Frame ID: 54BA59EE2079003832AF44CE1EAFD5DD
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A53FE46398E8AEE031785D63885B22E8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB519F6890DB0F4E8D4FBE1E885143EB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dokter hulp

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

158
Requests

84 %
HTTPS

30 %
IPv6

53
Domains

69
Subdomains

47
IPs

8
Countries

2361 kB
Transfer

4356 kB
Size

72
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.donationalerts.com/r/maksi_top

Search URL Search Domain Scan URL

URL: https://rtb.sape.ru/?utm_source=adsbyrtbsape&utm_medium=banner&utm_campaign=overlay
Title: Реклама от RtbSape

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https%3A%2F%2Flive4x-afrikans.tk%2F

Search URL Search Domain Scan URL

URL: https://kshop5.pro/d46HDt/

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://counter.yadro.ru/hit?t26.11;r;s1600*1200*24;uhttps%3A//live4x-afrikans.tk/;0.7429104694270816 HTTP 302
https://counter.yadro.ru/hit?q;t26.11;r;s1600*1200*24;uhttps%3A//live4x-afrikans.tk/;0.7429104694270816

Request Chain 55

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F80AFF861E4059F5A02906943 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F80AFF861E4059F5A02906943&crf=1

Request Chain 56

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007F80AFF86122007E6B02429843

Request Chain 57

https://px.adhigh.net/p/cm/sape?u=0100007F80AFF861E4059F5A02906943 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007F80AFF861E4059F5A02906943&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=LyLxyqs3CyD.AikABlF-s22PmQ

Request Chain 59

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4775181356 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=ASLaX_P1EkitknWd7n7khuw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F80AFF861E4059F5A02906943

Request Chain 61

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=886f959c-a133-4713-a977-4c2224efaa30 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiB3-KPBlIEioaQK2IkODg2Zjk1OWMtYTEzMy00NzEzLWE5NzctNGMyMjI0ZWZhYTMw HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiB3-KPBlIEioaQK2IkODg2Zjk1OWMtYTEzMy00NzEzLWE5NzctNGMyMjI0ZWZhYTMwogEQ-1MzzIMSEeyG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABiB3-KPBmIkODg2Zjk1OWMtYTEzMy00NzEzLWE5NzctNGMyMjI0ZWZhYTMwogEQ-1MzzIMSEeyG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARiB3-KPBmIkODg2Zjk1OWMtYTEzMy00NzEzLWE5NzctNGMyMjI0ZWZhYTMwogEQ-1MzzIMSEeyG4AAlkMBkfA**

Request Chain 65

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://28b15f3b-1791-4769-a82e-16e6e8b40bea.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP 302
https://www.acint.net/match?dp=71&euid=28b15f3b-1791-4769-a82e-16e6e8b40bea

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf4Cv-GHkBZ9aApBpQw HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 67

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F80AFF861E4059F5A02906943 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F80AFF861E4059F5A02906943

Request Chain 70

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=DGOFGENK

Request Chain 71

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F80AFF861E4059F5A02906943 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F80AFF861E4059F5A02906943&cs=1

Request Chain 72

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=WYkdaRwQztrE

Request Chain 73

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=47e339bf-7014-5120-b9f1-23a6d8098c26

Request Chain 74

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=8c4e521f70af4e15bd7f728bcf5089ab

Request Chain 75

https://0100007f80aff861e4059f5a02906943-sp.ops.beeline.ru/p?ssp=sp&id=0100007F80AFF861E4059F5A02906943 HTTP 301
https://www.acint.net/match?dp=111&euid=8e75525c-7923-4fc4-bc55-e89e963f9a86

Request Chain 76

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F80AFF861E4059F5A02906943 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=559996679 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=QRF1tjxwMMLhgMno/LD0ke&noredirect

Request Chain 77

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F80AFF861E4059F5A02906943 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F80AFF861E4059F5A02906943 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=3c7dc881-c350-480c-884c-c83e5b347e14&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=30&em=1&ssp=konnektu&id= HTTP 301
https://www.acint.net/match?dp=125&euid=3c7dc881-c350-480c-884c-c83e5b347e14

Request Chain 78

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=2e569918-642a-4402-69d5-4686b6ccf995

Request Chain 79

https://s.uuidksinc.net/match/396/?remote_uid=0100007F80AFF861E4059F5A02906943 HTTP 302
https://www.acint.net/match?dp=127&euid=nDYyogJQtVJuTPiGewPn

Request Chain 80

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=oe88oxmy8y

Request Chain 83

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F80AFF861E4059F5A02906943 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F80AFF861E4059F5A02906943&bounce=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=aidata&id=GySg%2ByxO5VSLg6OFX%2FI8Xw HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=51&exu=GySg%2ByxO5VSLg6OFX%2FI8Xw HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=3c7dc881-c350-480c-884c-c83e5b347e14&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D1%2526ssp%253Dkonnektu%2526exu%253DGySg%25252ByxO5VSLg6OFX%25252FI8Xw%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3DGySg%252ByxO5VSLg6OFX%252FI8Xw%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=GySg%2ByxO5VSLg6OFX%2FI8Xw&id= HTTP 301
https://x01.aidata.io/0.gif?pid=9503528&uid=3c7dc881-c350-480c-884c-c83e5b347e14&exu=GySg%!B(string=%20%20)yxO5VSLg6OFX%!F(MISSING)I8Xw

Request Chain 85

https://an.yandex.ru/mapuid/sapeis/0100007F80AFF861E4059F5A02906943 HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007F80AFF861E4059F5A02906943?redir-setuniq=1

Request Chain 138

https://dmg.digitaltarget.ru/1/1093/i/i?i=769949991860154.210902195076452&a=77&e=0100007F80AFF861E4059F5A02906943&pref=https%3A%2F%2Flive4x-afrikans.tk%2F&c=ss:77.up:0100007F80AFF861E4059F5A02906943.sync:up.xdua:du624FIB2a6kGBMCxoviEA3T.xps:xpsSIN3ZaYgwnUuyUUJhrgmdX.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=769949991860154.210902195076452&a=77&e=0100007F80AFF861E4059F5A02906943&pref=https%3A%2F%2Flive4x-afrikans.tk%2F&c=ss:77.up:0100007F80AFF861E4059F5A02906943.sync:up.xdua:du624FIB2a6kGBMCxoviEA3T.xps:xpsSIN3ZaYgwnUuyUUJhrgmdX.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 139

https://dmg.digitaltarget.ru/1/1093/i/i?i=769949991860154.788219524195095&a=77&e=0100007F80AFF861E4059F5A02906943&pref=https%3A%2F%2Flive4x-afrikans.tk%2F&c=ss:77.up:0100007F80AFF861E4059F5A02906943.sync:up.xdua:du624FIB2a6kGBMCxoviEA3T.xps:xpsSIN3ZaYgwnUuyUUJhrgmdX.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=769949991860154.788219524195095&a=77&e=0100007F80AFF861E4059F5A02906943&pref=https%3A%2F%2Flive4x-afrikans.tk%2F&c=ss:77.up:0100007F80AFF861E4059F5A02906943.sync:up.xdua:du624FIB2a6kGBMCxoviEA3T.xps:xpsSIN3ZaYgwnUuyUUJhrgmdX.dn:acint__net.adcm:hit.tg:adcmjs_noorient

158 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
live4x-afrikans.tk/ 24 KB
24 KB 153ms
55ms Document
text/html 31.129.244.168
MELNYCHENKO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://live4x-afrikans.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 31.129.244.168 Kyiv, Ukraine, ASN207422 (MELNYCHENKO-AS, UA),
Reverse DNS
Software: Apache / PHP/7.2.5
Resource Hash: 7a85656739d160967fac088d9a1551c3a2d039224d785ac0a50c0ba3b2e7a159

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 01 Feb 2022 03:56:47 GMT
Server: Apache
X-Powered-By: PHP/7.2.5
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
52 KB 168ms
67ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd73a46fc8b9fbca6699091ed3fe52e805e74cf77d4b4316f205b11f07bb8922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52479
x-xss-protection: 0
server: cafe
etag: 5158670562486351907
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 03:56:48 GMT

GET
H/1.1 200
OK jquery.js Show response
live4x-afrikans.tk/ 281 KB
281 KB 206ms
43ms Script
application/javascript 31.129.244.168
MELNYCHENKO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://live4x-afrikans.tk/jquery.js
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 31.129.244.168 Kyiv, Ukraine, ASN207422 (MELNYCHENKO-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:48 GMT
Last-Modified: Tue, 23 Feb 2021 22:52:26 GMT
Server: Apache
ETag: "4638e-5bc08c5b1e2b1"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 287630

GET
H/1.1 200
OK style.css
live4x-afrikans.tk/ 18 KB
18 KB 161ms
43ms Stylesheet
text/css 31.129.244.168
MELNYCHENKO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://live4x-afrikans.tk/style.css
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 31.129.244.168 Kyiv, Ukraine, ASN207422 (MELNYCHENKO-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 52b2c1793b47f5482d007dc995faef126f9e97ce1d6852cfb4888303ca45c044

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:48 GMT
Last-Modified: Fri, 26 Feb 2021 20:36:06 GMT
Server: Apache
ETag: "4873-5bc4337b19538"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 18547

GET
H/1.1 200
OK vverx.jpg
live4x-afrikans.tk/foto/ 495 B
765 B 42ms
41ms Image
image/jpeg 31.129.244.168
MELNYCHENKO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live4x-afrikans.tk/foto/vverx.jpg
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 31.129.244.168 Kyiv, Ukraine, ASN207422 (MELNYCHENKO-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: a133c1dfb792fd46cdf3307861d230fc063aa9d034a8f2e17ad418e054118091

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:48 GMT
Last-Modified: Thu, 30 Apr 2020 16:43:17 GMT
Server: Apache
ETag: "1ef-5a484c2f8f261"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 495

GET
H/1.1 200
OK SHAPKA.jpg
live4x-afrikans.tk/foto/struct/ 29 KB
29 KB 43ms
42ms Image
image/jpeg 31.129.244.168
MELNYCHENKO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live4x-afrikans.tk/foto/struct/SHAPKA.jpg
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 31.129.244.168 Kyiv, Ukraine, ASN207422 (MELNYCHENKO-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: c872a9c2a35748b059f52f001e90086a6d9a81dcfcead3ae619222cf5c0cac37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:48 GMT
Last-Modified: Thu, 30 Apr 2020 16:43:17 GMT
Server: Apache
ETag: "72c7-5a484c2fba1ea"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 29383

GET
H/1.1 200
OK donation.jpg
mini-sam.ru/foto/ 22 KB
22 KB 544ms
42ms Image
image/jpeg 31.129.244.168
MELNYCHENKO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mini-sam.ru/foto/donation.jpg
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 31.129.244.168 Kyiv, Ukraine, ASN207422 (MELNYCHENKO-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: d43c1d69f51d11af536e78f0b520e5379c79a063d34f8edf51ed150d342b2eb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:48 GMT
Last-Modified: Wed, 29 Apr 2020 05:57:44 GMT
Server: Apache
ETag: "5647-5a467a07e5432"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 22087

GET
H/1.1 200
OK ManPlus_167_607_%20copy.jpg
it-koder.tk/foto/cpa_foto/ 26 KB
27 KB 357ms
42ms Image
image/jpeg 31.129.244.168
MELNYCHENKO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://it-koder.tk/foto/cpa_foto/ManPlus_167_607_%20copy.jpg
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 31.129.244.168 Kyiv, Ukraine, ASN207422 (MELNYCHENKO-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 8def487b875a463b6a2170022a2228c89b0e31f56ae226c336d53cad05906310

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:48 GMT
Last-Modified: Thu, 10 Sep 2020 16:34:03 GMT
Server: Apache
ETag: "690c-5aef822d80a95"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 26892

GET
H2 200 1042634853.js Show response
cdn-rtb.sape.ru/rtb-b/js/u/853/ 76 KB
25 KB 186ms
89ms Script
application/javascript 95.181.171.231
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/rtb-b/js/u/853/1042634853.js

Requested by

Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.171.231 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

asrv231.qwarta.ru

Software

openresty /

Resource Hash

9b2d38aa94b4c04f11d5b8c40307b5ef4a21e8a22b29166505e4bd12d28fdc88

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
last-modified: Sat, 29 Jan 2022 20:30:22 GMT
server: openresty
x-amz-request-id: 16CED7D4C2A3AF82
etag: W/"a6d4375e9a516db0820b24f713e468e0"
x-cache-status: HIT
vary: Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
content-security-policy: block-all-mixed-content
x-xss-protection: 1; mode=block
expires: Tue, 01 Feb 2022 04:56:48 GMT

GET
H2 200 share.js Show response
vk.com/js/api/ 10 KB
3 KB 115ms
37ms Script
application/x-javascript 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/share.js?94
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv78-190-240-87.vk.com
Software: kittenx /
Resource Hash: 0b28a2aa8ae2cc469fc77cde60ed83fd6176df58e4d15558e5dbbf690e8dedd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: br
x-frontend: front225207
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-c51"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 3153
expires: Sat, 05 Feb 2022 03:56:48 GMT

GET
H/1.1 200
OK ManPlus_307_259_%20copy.jpg
it-koder.tk/foto/cpa_foto/ 29 KB
29 KB 404ms
43ms Image
image/jpeg 31.129.244.168
MELNYCHENKO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://it-koder.tk/foto/cpa_foto/ManPlus_307_259_%20copy.jpg
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 31.129.244.168 Kyiv, Ukraine, ASN207422 (MELNYCHENKO-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 0ea16deb266788cc94938f81eda1c6c07e6ce11cf8cad9f1879f562a711f2ed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:48 GMT
Last-Modified: Mon, 24 Aug 2020 10:38:28 GMT
Server: Apache
ETag: "7333-5ad9d2fe58f47"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 29491

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/ 284 KB
102 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7619566160263618&plah=live4x-afrikans.tk&bust=31064527

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631485082735bf548eeeaef58fb409fefed685432666d06baaf1da7a60a0ae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104642
x-xss-protection: 0
server: cafe
etag: 16263154745089440287
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 03:56:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame 3C5F 10 KB
5 KB 119ms
39ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Mon, 31 Jan 2022 15:32:23 GMT
expires: Mon, 14 Feb 2022 15:32:23 GMT
cache-control: public, max-age=1209600
age: 44665
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET style.css
live4x-afrikans.tk/ 0
0

GET
H/1.1 404
Not Found fon.jpg
live4x-afrikans.tk/foto/forsite/ 1 KB
1 KB 67ms
43ms Image
text/html 31.129.244.168
MELNYCHENKO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live4x-afrikans.tk/foto/forsite/fon.jpg
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 31.129.244.168 Kyiv, Ukraine, ASN207422 (MELNYCHENKO-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: af3776e34db856aa03eb8cf03789a385869df0d29d729755f23f33a8f597cf6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:48 GMT
Server: Apache
Vary: accept-language,accept-charset
Content-Language: de
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=15, max=96

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 28ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 783
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29180
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:22:23 GMT
Server: ECS (frb/673A)
Etag: "e92bd51c447ba1dbd509a1e23d3a8521+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 share.php Show response
vk.com/ 21 B
478 B 48ms
47ms Script
text/html 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&index=0&url=https%3A%2F%2Flive4x-afrikans.tk%2F

Requested by

Host: vk.com
URL: https://vk.com/js/api/share.js?94

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-190-240-87.vk.com

Software

kittenx / KPHP/7.4.110067

Resource Hash

09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
x-frontend: front225207
server: kittenx
x-powered-by: KPHP/7.4.110067
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 41

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 22ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23cf55829ae208fcc398be6eecfb05bf9be0aa86442577844ddc9062fc37ebf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: g4fSOangIEGrDhnpM2hG0w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: OxcjZkGKP3zuK2OQnQBUAj8TXVzz8c2iiSR5s4i1OobVjvkIvFIabyuHnP1wotHoPIWwYWQTD/NEY8jNOf3udw==
x-fb-trip-id: 2050670934
x-fb-content-md5: 226d788f497a5c040435f7d2081a169f
x-frame-options: DENY
date: Tue, 01 Feb 2022 03:56:48 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f758de9dfc4aa3da7d4621642d2c0c37"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 01 Feb 2022 03:56:56 GMT

GET
H/1.1 200
OK zolotko.JPG
live4x-afrikans.tk/foto/for_site/ 19 KB
19 KB 62ms
42ms Image
image/jpeg 31.129.244.168
MELNYCHENKO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live4x-afrikans.tk/foto/for_site/zolotko.JPG
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 31.129.244.168 Kyiv, Ukraine, ASN207422 (MELNYCHENKO-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 1f6bd4bab5ba0fccdcbec1e12f6f053eea6c9230b64cc70ba06fe2b54d26dc99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:48 GMT
Last-Modified: Thu, 30 Apr 2020 16:43:17 GMT
Server: Apache
ETag: "4c1c-5a484c2fa2ae5"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 19484

GET
H2 200 like_widget.png
vk.com/images/icons/ 538 B
753 B 38ms
38ms Image
image/png 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vk.com/images/icons/like_widget.png
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv78-190-240-87.vk.com
Software: kittenx /
Resource Hash: 3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
last-modified: Tue, 22 Sep 2020 20:29:56 GMT
server: kittenx
etag: "5f6a5ec4-21a"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 538
expires: Tue, 08 Feb 2022 03:56:48 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t26.11;r;s1600*1200*24;uhttps%3A//live4x-afrikans.tk/;0.7429104694270816
https://counter.yadro.ru/hit?q;t26.11;r;s1600*1200*24;uhttps%3A//live4x-afrikans.tk/;0.7429104694270816

120 B
606 B

53ms
53ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t26.11;r;s1600*1200*24;uhttps%3A//live4x-afrikans.tk/;0.7429104694270816

Requested by

Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

92e3a433c7cd57f7f76405917626c5ca0ea600fda464df3f4c8b5a6c6990f6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 03:57:06 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 120
Expires: Sun, 31 Jan 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 03:57:05 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t26.11;r;s1600*1200*24;uhttps%3A//live4x-afrikans.tk/;0.7429104694270816
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 31 Jan 2021 21:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 285 KB
80 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=f8040097bca925c76642009c77f10ebc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99da2f39a34bad0d2390d594eb160fab31ea8ab1e0b1803d969cb4b74ecd11c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://live4x-afrikans.tk/
Origin: https://live4x-afrikans.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: d/PqXC48ZkwHGyPEE+CR1w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 01 Feb 2023 00:47:20 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82134
x-fb-rlafr: 0
x-fb-debug: 3KDj0pj6N3c3hOVO1YNh6GfXlzw5RYtKjnPS8F4ZZoMS2cV1kGikirYBA6/Tmp3RMMG3uavHoXwf5rnybi+SIw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f86c16de8fbb093f93d87e24feb65a35
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Feb 2022 03:56:48 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "cf9f48a5f15a53545c60d78d7d4f2bd5"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html Show response
platform.twitter.com/widgets/ Frame 3F00 319 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Flive4x-afrikans.tk
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 359428
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2022 03:56:48 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 19 Jan 2022 19:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6731)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3F00 232 B
448 B 134ms
118ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=63a822b75f20c483a0b439ddb1a07ed01b9de0ca

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Flive4x-afrikans.tk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 01 Feb 2022 03:56:47 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 03:56:48 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 6504aee34cad1374b30c816e0287f3568a2bc78fbe8f85e33a9d36941e48c69c
content-length: 166

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 222 B
649 B 132ms
48ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=live4x-afrikans.tk&callback=_gfp_s_&client=ca-pub-7619566160263618

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7619566160263618&plah=live4x-afrikans.tk&bust=31064527

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

13dc640e3bc4ef9e31b7156233747df145533a76ecf052cff474e388637ecbf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 137ms
51ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=live4x-afrikans.tk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 131ms
45ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=live4x-afrikans.tk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1CE0 39 KB
13 KB 233ms
185ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&adk=1812271804&adf=3025194257&lmt=1643687808&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flive4x-afrikans.tk%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643687808297&bpp=117&bdt=259&idt=248&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5548044431223&frm=20&pv=2&ga_vid=1776941803.1643687809&ga_sid=1643687809&ga_hid=2147196317&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064527%2C31063222&oid=2&pvsid=1034017684445270&pem=633&tmod=1437782944&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=263

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdc1e94ac3f0716e3bbbb493c3933579e3e80f5e3e5a7d0c3992bd2412370fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 01 Feb 2022 03:56:48 GMT
server: cafe
content-length: 13460
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 01 Feb 2022 03:56:48 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A16 22 KB
9 KB 179ms
139ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&h=600&slotname=4059907525&adk=414549888&adf=2428413711&pi=t.ma~as.4059907525&w=160&lmt=1643687808&psa=0&format=160x600&url=https%3A%2F%2Flive4x-afrikans.tk%2F&flash=0&alternate_ad_url=http%3A%2F%2Fmini-sam.ru%2Fclicksor.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643687808421&bpp=3&bdt=383&idt=144&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5548044431223&frm=20&pv=1&ga_vid=1776941803.1643687809&ga_sid=1643687809&ga_hid=2147196317&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=25&ady=724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064527%2C31063222&oid=2&pvsid=1034017684445270&pem=633&tmod=1437782944&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ttt3G6awZP&p=https%3A//live4x-afrikans.tk&dtd=149

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55c9070b7d26e136743648a67bb6e9377d59b3d49e0d7dd2272562bccd9fecbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 01 Feb 2022 03:56:48 GMT
server: cafe
content-length: 9381
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 01 Feb 2022 03:56:48 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD2D 22 KB
9 KB 171ms
136ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&h=90&slotname=5452671033&adk=3831289261&adf=775728417&pi=t.ma~as.5452671033&w=728&lmt=1643687808&psa=0&format=728x90&url=https%3A%2F%2Flive4x-afrikans.tk%2F&flash=0&alternate_ad_url=http%3A%2F%2Fmini-sam.ru%2Fclicksor_700_90.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643687808424&bpp=1&bdt=386&idt=148&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=5548044431223&frm=20&pv=1&ga_vid=1776941803.1643687809&ga_sid=1643687809&ga_hid=2147196317&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=203&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064527%2C31063222&oid=2&pvsid=1034017684445270&pem=633&tmod=1437782944&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PrHs913ZM6&p=https%3A//live4x-afrikans.tk&dtd=151

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d132fc302e8b8e461a6947d075dbbc6a58d36a4f463ddd485d865d55189aab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 01 Feb 2022 03:56:48 GMT
server: cafe
content-length: 9386
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 01 Feb 2022 03:56:48 GMT
cache-control: private

GET
H2 200 55895.js Show response
cdn-rtb.sape.ru/rtb-b/js/895/2/ 113 KB
46 KB 61ms
59ms Script
application/javascript 95.181.171.231
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/rtb-b/js/895/2/55895.js

Requested by

Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/u/853/1042634853.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.171.231 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

asrv231.qwarta.ru

Software

openresty /

Resource Hash

795f54abe4c7e50e0e8660072b1dcd39fee335a82516349eef9f49ef888e1cf2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 08:31:35 GMT
server: openresty
x-amz-request-id: 16CF8D5A74049FB9
etag: W/"f0aa489e3e0656490926d1f60b5f5144"
x-cache-status: MISS
vary: Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
content-security-policy: block-all-mixed-content
x-xss-protection: 1; mode=block
expires: Tue, 01 Feb 2022 04:56:48 GMT

GET
H2 200 3
www.acint.net/rtbw/ 43 B
341 B 39ms
10ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/3?dp=0&cd=%7B%22us%22%3A1042634853%2C%22st%22%3A55895%2C%22pl%22%3A234255%7D&sid=61f8af80-9ae1-48qh-w2x8-s4ji2ktkuobw&ref=https%3A%2F%2Flive4x-afrikans.tk%2F&r=6iwg8wostrsg
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/rtbw/ 43 B
338 B 39ms
11ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/3?dp=0&cd=%7B%22us%22%3A1042634853%2C%22st%22%3A55895%2C%22pl%22%3A234256%7D&sid=61f8af80-9ae1-48qh-w2x8-s4ji2ktkuobw&ref=https%3A%2F%2Flive4x-afrikans.tk%2F&r=ms81537k6tmn
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/rtbw/ 43 B
339 B 39ms
11ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/3?dp=0&cd=%7B%22us%22%3A1042634853%2C%22st%22%3A55895%2C%22pl%22%3A390011%7D&sid=61f8af80-9ae1-48qh-w2x8-s4ji2ktkuobw&ref=https%3A%2F%2Flive4x-afrikans.tk%2F&r=7h4xexl7vi18
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK button.1c2a6e168692ffea6cc8d4efc5b6f6bc.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.1c2a6e168692ffea6cc8d4efc5b6f6bc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: e4adc260fa5bff268e2359ba73814e154d7e3cd828dd946b8076d6b5129218a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:48 GMT
Content-Encoding: gzip
Age: 359429
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 2293
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:04:20 GMT
Server: ECS (frb/673A)
Etag: "0fe442c8a1482a5540ef9bb91b588585+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK tweet_button.8f764d5bd2778f88121d31d7d8d8e1e3.en.html Show response
platform.twitter.com/widgets/ Frame 78DD 32 KB
13 KB 8ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.8f764d5bd2778f88121d31d7d8d8e1e3.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: d31d4ca0131cf392d058bc80538ccb9867d298954d3b6a883c7a9c64dc7b8afa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 359428
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2022 03:56:48 GMT
Etag: "06068f4356ac6bd3ea317897b02dde49+gzip"
Last-Modified: Wed, 19 Jan 2022 19:04:24 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/673A)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12235

GET
DATA 200
OK truncated
/ Frame 78DD 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 aci.js Show response
www.acint.net/ 22 KB
7 KB 11ms
11ms Script
application/x-javascript 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/895/2/55895.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 13:21:32 GMT
server: openresty
etag: "61a4d3dc-1d25"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7461
expires: Tue, 01 Feb 2022 15:56:48 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 11ms
10ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A55895%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A823%7D&sid=61f8af80-bb64-5cur-g80c-ayrjj2s5ta2p&ref=https%3A%2F%2Flive4x-afrikans.tk%2F&r=1643687809
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 11ms
11ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A55895%2C%22sc%22%3A0%2C%22pl%22%3A234255%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=61f8af80-bb64-5cur-g80c-ayrjj2s5ta2p&ref=https%3A%2F%2Flive4x-afrikans.tk%2F&r=1643687809
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 11ms
11ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A55895%2C%22sc%22%3A0%2C%22pl%22%3A234256%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=61f8af80-bb64-5cur-g80c-ayrjj2s5ta2p&ref=https%3A%2F%2Flive4x-afrikans.tk%2F&r=1643687809
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 12ms
11ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A55895%2C%22sc%22%3A0%2C%22pl%22%3A390011%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=61f8af80-bb64-5cur-g80c-ayrjj2s5ta2p&ref=https%3A%2F%2Flive4x-afrikans.tk%2F&r=1643687809
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 / Show response
www.acint.net/mc/ Frame 8DDF 4 KB
4 KB 13ms
12ms Document
text/html 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=14
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: 0d8c911a9c7973cb8d6ecac1353a00b09e1d6df4f655b3040a52102f0c0e34e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/

Response headers

server: openresty
date: Tue, 01 Feb 2022 03:56:48 GMT
content-type: text/html
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

GET
H2 200 /
www.acint.net/hit/ 43 B
224 B 11ms
10ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.4.0&uid=c5af25ca-cc3c-420b-971b-b110a490405d&dp=14&tz=%2B00%3A00&nc=56285827&u=https%3A%2F%2Flive4x-afrikans.tk%2F&r=&rs=1600x1200&t=Dokter%20hulp&oE=1&oP=1&dT=2022-02-01T03%3A56%3A48.776&fu=07ac92ca-2c4e-4cad-8314-40ffb46d2069
Requested by: Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame CD2D 2 KB
1 KB 146ms
46ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&h=90&slotname=5452671033&adk=3831289261&adf=775728417&pi=t.ma~as.5452671033&w=728&lmt=1643687808&psa=0&format=728x90&url=https%3A%2F%2Flive4x-afrikans.tk%2F&flash=0&alternate_ad_url=http%3A%2F%2Fmini-sam.ru%2Fclicksor_700_90.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643687808424&bpp=1&bdt=386&idt=148&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=5548044431223&frm=20&pv=1&ga_vid=1776941803.1643687809&ga_sid=1643687809&ga_hid=2147196317&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=203&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064527%2C31063222&oid=2&pvsid=1034017684445270&pem=633&tmod=1437782944&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PrHs913ZM6&p=https%3A//live4x-afrikans.tk&dtd=151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 03:45:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD2D 123 KB
38 KB 157ms
59ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 03:56:48 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame CD2D 14 KB
6 KB 138ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 03:22:52 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 1A16 2 KB
1 KB 147ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&h=600&slotname=4059907525&adk=414549888&adf=2428413711&pi=t.ma~as.4059907525&w=160&lmt=1643687808&psa=0&format=160x600&url=https%3A%2F%2Flive4x-afrikans.tk%2F&flash=0&alternate_ad_url=http%3A%2F%2Fmini-sam.ru%2Fclicksor.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643687808421&bpp=3&bdt=383&idt=144&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5548044431223&frm=20&pv=1&ga_vid=1776941803.1643687809&ga_sid=1643687809&ga_hid=2147196317&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=25&ady=724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064527%2C31063222&oid=2&pvsid=1034017684445270&pem=633&tmod=1437782944&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ttt3G6awZP&p=https%3A//live4x-afrikans.tk&dtd=149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 03:45:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A16 123 KB
38 KB 203ms
105ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 03:56:48 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 1A16 14 KB
6 KB 141ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 03:22:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CD2D 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL6logK_4YZ7vJtOQ7_UPkaqd0ArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc2MTk1NjYxNjAyNjM2MTigAdW20uoDyAEJqQJMWi2u6NeyPqgDAaoEvQFP0FG3jWqL3MQdu4LO8WfFXkMau7Rj-twkGfT6Xjr_uavPy7Dx6rcOCJKNGIN3ydJtYwMwLW1WLbyrycEQOQ14moRBoAM6KHPps_eLTNy7c1TBZzMM6WixlvMFlAaWAd2vICJZ0gt4QPJBYNFEFYk5C-sJso2k4ENwv50zG9hVg14-PdSYjgZDfkerhNGQRVaUp-weJtFZgQLffzNCybiuHOs7S3FRMKZkiL6VdcvjgPJUrs-9UQ8D6frA24uABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03NjE5NTY2MTYwMjYzNjE4GAA&sigh=rRCRGBEbSyE&uach_m=[UACH]&cid=CAQSGwCNIrLMEgLT7MolJMtAd6Q666NZrZK3VXc59xgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&h=90&slotname=5452671033&adk=3831289261&adf=775728417&pi=t.ma~as.5452671033&w=728&lmt=1643687808&psa=0&format=728x90&url=https%3A%2F%2Flive4x-afrikans.tk%2F&flash=0&alternate_ad_url=http%3A%2F%2Fmini-sam.ru%2Fclicksor_700_90.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643687808424&bpp=1&bdt=386&idt=148&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=5548044431223&frm=20&pv=1&ga_vid=1776941803.1643687809&ga_sid=1643687809&ga_hid=2147196317&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=203&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064527%2C31063222&oid=2&pvsid=1034017684445270&pem=633&tmod=1437782944&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PrHs913ZM6&p=https%3A//live4x-afrikans.tk&dtd=151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 01 Feb 2022 03:56:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Feb 2022 03:56:48 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame CD2D 0
0 57ms
15ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UP2jEt6BMNgFWp2DYgICAAAA0l4HDh9eyfsQf6_4YWcvEFaQJM57Rm5VABI&wp=YfivgAAJt54Iu8hTAAdVEZerGject8pex4hP-g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 200232
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3077 42 KB
17 KB 55ms
19ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YfivgAAJt54Iu8hTAAdVEZerGject8pex4hP-g&u=%7CNdDCp0RUOaa1H7QDJeJzPdICAMW5jkZDEZJtiV3J%2Bps%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wciotc80JgXfDRVas-O7ztttMgI1tkZc1uNlkTTa21FcITX126J2ChD9BjGxbaZ-XbmkJyCXiDLdaqXs9TM4JNAlrQuQTtyiI-eLcKItmgLVTmvawZjP7x4jzDVEI1-bw3xCLOR5kcFy3uYQ7WS89p_N_RdxVgK5n-r_x5wcnsSrwwR7xg6yeaTCKVfHzkIo6lZhlRM9AzH0dnx13xle-UXlYXXcHDdp3mhrouTt28WyluSpKpa4jwZfw__0ygPIscJ7r8QYZgQPwPe-SBzZm0PrCsUc_wSQG5_2yQd8x0CZAVQNl1EDpYGPgdgWDC5-cCx7-z1zGtIm_znrYnjBx1Vydal_HCX5PUsBX1Y6AhzdSosnnuyEyRTAnm5MHwQzJMg1I3CiWM__9p5fK0gC9b3Bj7FQbUd8kg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfVQXgK_4YZ7vJtOQ7_UPkaqd0ArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc2MTk1NjYxNjAyNjM2MTigAdW20uoDyAEJqQJMWi2u6NeyPqgDAaoEwAFP0FG3jWqL3MQdu4LO8WfFXkMau7Rj-twkGfT6Xjr_uavPy7Dx6rcOCJKNGIN3ydJtYwMwLW1WLbyrycEQOQ14moRBoAM6KHPps_eLTNy7c1TBZzMM6WixlvMFlAaWAd2vICJZ0gt4QPJBYNFEFYk5C-sJso2k4ENwv50zG9hVg14-PdSYjgZDfkerhNGQRVaUp-weJtFZwwD-7bTNVasRgP-Ym0z3yK9wggifW9NhNDppCD0CTyMbbFBEyDRc12WABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30U1cVnzffLs6OnQ6CLp6VrKggDA%26client%3Dca-pub-7619566160263618%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

95eb3b0fb2f1614be46dfffb13b1ab1235dc177a5e079c3e503b833e682d6748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=mu2RUZ2-j6QJ-FWhtMEV2hs-yj622Rz0imCsi0VUY1IN4TuDbx23XB3jslBdt8_sYe2cbeIkrfaRtAgJzzl3LxAJDD1IqVR8aCWKOHs4B24Z7x-WvMBOwLOiTaVlkltPaUM1Hz4b5XTM8Iy4xKx1ybCzromETJTqub3oXhVtrz9Xu7kXYrMxctdVQEef19BWUKYkqO6Iv8srL-dr5VYTeZzDCms74Bp1_lNrgsGYoXnHto5OgeS5oNPh4KWgzPztp1Lqb_vtm3-Xqkt_"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 5298674
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1A16 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClV0VgK_4YdzyJpbF7_UP_Je82ArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc2MTk1NjYxNjAyNjM2MTigAdW20uoDyAEJqQKHqcZSztmyPqgDAaoExAFP0HavdlzhZAQuWwya6bMyo4S5Gbc4azDzeISXdCXPY4CGTUR62BcgZQj0A1dBHAiPfL7C04OPE_b7px2E59c513jLt65-uiyvpRAY1Z5N2hD-YOMjOiFgxByCnORyORtROexFSeqgZ2MNZuKOL-jdTKS8BUTYVizpUYs2o-EHM_Je3IN1CwOYHjD_n2W-o7rNb8krBN6zzYM2qRn6s07Zdx0WDQ62AVj7TRJxEakTdB7Lj4Hjl5HXjd_2EFuR4pc-De6ZgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzYxOTU2NjE2MDI2MzYxOBgA&sigh=8wE70iJRxRY&uach_m=[UACH]&cid=CAQSGwCNIrLMBRBd3-1rMUJpTNsJq99-cFI0tLYBBRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&h=600&slotname=4059907525&adk=414549888&adf=2428413711&pi=t.ma~as.4059907525&w=160&lmt=1643687808&psa=0&format=160x600&url=https%3A%2F%2Flive4x-afrikans.tk%2F&flash=0&alternate_ad_url=http%3A%2F%2Fmini-sam.ru%2Fclicksor.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643687808421&bpp=3&bdt=383&idt=144&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5548044431223&frm=20&pv=1&ga_vid=1776941803.1643687809&ga_sid=1643687809&ga_hid=2147196317&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=25&ady=724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064527%2C31063222&oid=2&pvsid=1034017684445270&pem=633&tmod=1437782944&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ttt3G6awZP&p=https%3A//live4x-afrikans.tk&dtd=149
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 01 Feb 2022 03:56:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Feb 2022 03:56:48 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 1A16 0
0 54ms
15ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UP2jEtyBMKAB2ASdg2ICAgAAAFbwSw_2yJE1EH-v-GEbWO3JWhLU-xDJfwAS&wp=YfivgAAJuVwIu-KWAA8L_HeHOTOzJhCS7yauLg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 219714
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 33EE 46 KB
18 KB 67ms
35ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YfivgAAJuVwIu-KWAA8L_HeHOTOzJhCS7yauLg&u=%7CNdDCp0RUOab7ZB1p5uQDuXhvA4lj5W%2B6xatPXpjP7M4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKV5ggHwXpVkDjMEb-TC-iqQs9ndGqcSpJXwbyfsTxkMIBEz7v9QJSQe72K65Q7I96fVWTETjML55-KBfASuiEo1WBcUriw1bVzWoUBxytjzIwbpM52AoSl2EeeNV3aOM32c0oPmWmew-l8a4seVculmd93FVkEC-UInoqcnQik1IvHqyUCqluC0_eJa8ErKpZLFRN8yvjK7z73tjJBSBY-tZ4d5_eIM4KyG1z98rCSEh564VigDgaIzPQH1U_ClGRTynzB_I_9tPp5mGAaT67Q00JO3h38g-oB5fdVAh5S6z4uAfX6wCZka2KQKMs1IuLPBY5A2M7BiXaHI2YWkhwaceOjl8t67PL7BE-NouFEAEHQs-gSUjijKXopOW4E5inKbP63_O4cMGbH9XxSb6kWSm6ipWcBttt4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSKSygK_4YdzyJpbF7_UP_Je82ArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc2MTk1NjYxNjAyNjM2MTigAdW20uoDyAEJqQKHqcZSztmyPqgDAaoExwFP0HavdlzhZAQuWwya6bMyo4S5Gbc4azDzeISXdCXPY4CGTUR62BcgZQj0A1dBHAiPfL7C04OPE_b7px2E59c513jLt65-uiyvpRAY1Z5N2hD-YOMjOiFgxByCnORyORtROexFSeqgZ2MNZuKOL-jdTKS8BUTYVizpUYs2o-EHM_Je3IN1CwOYHjD_n2W-o7rNb8krBN6zzYM2qRn6swzbVo-RgpKlvsTv7sJMt1EaYBR9ha_7FSUfsHkEr0W9-hKUif0m51gygAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3iVLNJyN6LKYG-6WzpM9-21pwYLQ%26client%3Dca-pub-7619566160263618%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

59b725fc2d95372e5d5240c99aaa158b782ff9fc98ac5ad6a6c3385ffcf7822e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=uD_6rp2-j6QJ-FWhNJjyn10SrA3L3aM-3_NXWAkM4zLvWEsjgnvE3P-BDBA7xgC3cONzVZwM5QITHZfC4EptxjR1Eo0ny-Q_WcAj8p1CpVPHonp5_8sCrVPosNgI5bxVRCgV_W5lfMXh1ptCMO_Vc1HtDigRQprR6AJ1igHS4PUliuhBPxjJIBGhyBLBA5RHphyV-2Ke6aFxUaxxYOv1Ykg-BBK0kRwKKuCi2SSEVlY89AsAXw1ob9XlRhtpqnhVmKhrvQJE3MmQlBFz"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 5833879
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

match
ads.betweendigital.com/ Frame 8DDF
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F80AFF861E4059F5A02906943
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F80AFF861E4059F5A02906943&crf=1

68 B
607 B

49ms
49ms

Image
image/png

188.42.29.165
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F80AFF861E4059F5A02906943&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007F80AFF861E4059F5A02906943&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 8DDF
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007F80AFF86122007E6B02429843

43 B
270 B

41ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007F80AFF86122007E6B02429843
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 01 Feb 2022 03:56:48 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007F80AFF86122007E6B02429843
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 8DDF
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F80AFF861E4059F5A02906943
https://px.adhigh.net/p/cm/sape?u=0100007F80AFF861E4059F5A02906943&bounced=1
https://acint.net/match?dp=17&euid=LyLxyqs3CyD.AikABlF-s22PmQ

43 B
269 B

12ms
10ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=LyLxyqs3CyD.AikABlF-s22PmQ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:48 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f23-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=LyLxyqs3CyD.AikABlF-s22PmQ
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 8DDF 43 B
764 B 145ms
50ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F80AFF861E4059F5A02906943
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:48 GMT
Last-Modified: Tue, 01 Feb 2022 03:56:48 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Tue, 01 Feb 2022 09:56:48 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 8DDF
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4775181356
https://www.acint.net/rmatch?dp=45&euid=ASLaX_P1EkitknWd7n7khuw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F80AFF861E4059F5A02906943

42 B
201 B

164ms
64ms

Image
image/gif

81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F80AFF861E4059F5A02906943
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:49 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Tue, 01 Feb 2022 03:56:49 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F80AFF861E4059F5A02906943
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 8DDF 0
818 B 43ms
23ms Image
text/plain 2606:4700:3039::6815:c07c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c07c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1d857XJYsT9aFbyid%2FKaJdFv7HNpOor%2BnJVUaotdZAuy6DjUU8voLy4oU2AjcHjAQG8FqvzPfad7%2BmNWuN3GCdg7UtyY53BwwK8GEGYjYw12dVm3vc5Q27V2J0nohJO1dbuUVWQaIx40g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 6d684085297e9013-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 8DDF
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=886f959c-a133-4713-a977-4c2224efaa30
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiB3-KPBlIEioaQK2IkODg2Zjk1OWMtYTEzMy00NzEzLWE5NzctNGMyMjI0ZWZhYTMw
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiB3-KPBlIEioaQK2IkODg2Zjk1OWMtYTEzMy00NzEzLWE5NzctNGMyMjI0ZWZhYTMwogEQ-1MzzIMSEeyG4AAlkMBkfA**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABiB3-KPBmIkODg2Zjk1OWMtYTEzMy00NzEzLWE5NzctNGMyMjI0ZWZhYTMwogEQ-1MzzIMSEeyG4AAlkMBkfA**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARiB3-KPBmIkODg2Zjk1OWMtYTEzMy00NzEzLWE5NzctNGMyMjI0ZWZhYTMwogEQ-1MzzIMSEeyG4AAlkMBkfA**

43 B
552 B

7ms
7ms

Image
image/gif

31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARiB3-KPBmIkODg2Zjk1OWMtYTEzMy00NzEzLWE5NzctNGMyMjI0ZWZhYTMwogEQ-1MzzIMSEeyG4AAlkMBkfA**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Server: 31.172.81.172 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:49 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Tue, 01 Feb 2022 03:56:49 GMT
Server: nginx
ETag: fb5333cc-8312-11ec-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARiB3-KPBmIkODg2Zjk1OWMtYTEzMy00NzEzLWE5NzctNGMyMjI0ZWZhYTMwogEQ-1MzzIMSEeyG4AAlkMBkfA**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 8DDF 0
239 B 63ms
19ms Image
text/plain 37.18.103.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007F80AFF861E4059F5A02906943

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:48 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 514
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 8DDF 3 KB
3 KB 146ms
45ms Script
application/javascript 185.15.175.144
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:48 GMT
Last-Modified: Tue, 16 Nov 2021 09:48:08 GMT
Server: nginx
ETag: "61937e58-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 8DDF 0
69 B 37ms
11ms Image
text/plain 138.201.65.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F80AFF861E4059F5A02906943
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.65.201.138.clients.your-server.de
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 01 Feb 2022 03:56:48 GMT
server: nginx/1.17.4

GET
H2

200

match
www.acint.net/ Frame 8DDF
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://28b15f3b-1791-4769-a82e-16e6e8b40bea.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
https://www.acint.net/match?dp=71&euid=28b15f3b-1791-4769-a82e-16e6e8b40bea

43 B
269 B

13ms
13ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=28b15f3b-1791-4769-a82e-16e6e8b40bea
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Tue, 01 Feb 2022 03:56:48 GMT
server: nginx
location: https://www.acint.net/match?dp=71&euid=28b15f3b-1791-4769-a82e-16e6e8b40bea
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 8DDF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf4Cv-GHkBZ9aApBpQw
https://www.acint.net/match?dp=77&euid=

43 B
269 B

12ms
12ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 8DDF
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F80AFF861E4059F5A02906943
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F80AFF861E4059F5A02906943

43 B
115 B

48ms
15ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F80AFF861E4059F5A02906943
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Tue, 01 Feb 2022 03:56:49 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F80AFF861E4059F5A02906943
date: Tue, 01 Feb 2022 03:56:49 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 8DDF 42 B
201 B 254ms
62ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F80AFF861E4059F5A02906943
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:49 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 404 sprcs
relap.io/partners/ Frame 8DDF 0
0 248ms
64ms Image
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://relap.io/partners/sprcs?uid=0100007F80AFF861E4059F5A02906943
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: relap.io
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2

200

match
www.acint.net/ Frame 8DDF
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=DGOFGENK

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=DGOFGENK
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=DGOFGENK
Date: Tue, 01 Feb 2022 03:56:49 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 8DDF
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F80AFF861E4059F5A02906943
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F80AFF861E4059F5A02906943&cs=1

35 B
376 B

11ms
11ms

Image
image/gif

88.99.149.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F80AFF861E4059F5A02906943&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dmc-test-dn3
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F80AFF861E4059F5A02906943&cs=1
date: Tue, 01 Feb 2022 03:56:49 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 8DDF
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=WYkdaRwQztrE

43 B
269 B

12ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=WYkdaRwQztrE
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=WYkdaRwQztrE
Date: Tue, 01 Feb 2022 03:56:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 8DDF
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=47e339bf-7014-5120-b9f1-23a6d8098c26

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=47e339bf-7014-5120-b9f1-23a6d8098c26
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=47e339bf-7014-5120-b9f1-23a6d8098c26
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 8DDF
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=8c4e521f70af4e15bd7f728bcf5089ab

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=8c4e521f70af4e15bd7f728bcf5089ab
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=8c4e521f70af4e15bd7f728bcf5089ab
date: Tue, 01 Feb 2022 03:56:48 GMT
server: Kestrel
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 8DDF
Redirect Chain

https://0100007f80aff861e4059f5a02906943-sp.ops.beeline.ru/p?ssp=sp&id=0100007F80AFF861E4059F5A02906943
https://www.acint.net/match?dp=111&euid=8e75525c-7923-4fc4-bc55-e89e963f9a86

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=8e75525c-7923-4fc4-bc55-e89e963f9a86
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Tue, 01 Feb 2022 03:56:49 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=8e75525c-7923-4fc4-bc55-e89e963f9a86
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.37
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame 8DDF
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F80AFF861E4059F5A02906943
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=559996679
https://ut.rktch.com/matchspm?pi=1000006&pui=QRF1tjxwMMLhgMno/LD0ke&noredirect

88 B
88 B

42ms
42ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=QRF1tjxwMMLhgMno/LD0ke&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:49 GMT
Server: nginx/1.18.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:49 GMT
via: 1.1 google
last-modified: Tue, 01 Feb 2022 03:56:49 GMT
server: nginx/1.12.0
location: https://ut.rktch.com/matchspm?pi=1000006&pui=QRF1tjxwMMLhgMno/LD0ke&noredirect
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 8DDF
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F80AFF861E4059F5A02906943
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F80AFF861E4059F5A02906943
https://tech.rtb.mts.ru/?dsp_uid=3c7dc881-c350-480c-884c-c83e5b347e14&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=30&em=1&ssp=konnektu&id=
https://www.acint.net/match?dp=125&euid=3c7dc881-c350-480c-884c-c83e5b347e14

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=125&euid=3c7dc881-c350-480c-884c-c83e5b347e14
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 01 Feb 2022 03:56:14 GMT
Server: nginx
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Location: https://www.acint.net/match?dp=125&euid=3c7dc881-c350-480c-884c-c83e5b347e14
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 8DDF
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=2e569918-642a-4402-69d5-4686b6ccf995

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=2e569918-642a-4402-69d5-4686b6ccf995
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=2e569918-642a-4402-69d5-4686b6ccf995
date: Tue, 01 Feb 2022 03:56:49 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 8DDF
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0100007F80AFF861E4059F5A02906943
https://www.acint.net/match?dp=127&euid=nDYyogJQtVJuTPiGewPn

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=nDYyogJQtVJuTPiGewPn
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=nDYyogJQtVJuTPiGewPn
date: Tue, 01 Feb 2022 03:56:49 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 8DDF
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=oe88oxmy8y

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=oe88oxmy8y
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:49 GMT
server: nginx/1.14.0
access-control-allow-origin: *
surrogate-control: no-store
vary: Origin
location: https://www.acint.net/match?dp=129&euid=oe88oxmy8y
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 7a5cd26a-8f16-4fc6-aad5-85ace19bbe7e
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 8DDF 0
215 B 122ms
38ms Image
text/plain 217.65.2.150
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F80AFF861E4059F5A02906943
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 01 Feb 2022 03:56:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007F80AFF861E4059F5A02906943
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 8DDF 0
188 B 127ms
41ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F80AFF861E4059F5A02906943
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame 8DDF
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F80AFF861E4059F5A02906943
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F80AFF861E4059F5A02906943&bounce=1
https://sm.rtb.mts.ru/p?ssp=aidata&id=GySg%2ByxO5VSLg6OFX%2FI8Xw
https://sm.rtb.mts.ru/match/second?ssp=51&exu=GySg%2ByxO5VSLg6OFX%2FI8Xw
https://tech.rtb.mts.ru/?dsp_uid=3c7dc881-c350-480c-884c-c83e5b347e14&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3DGySg%252ByxO5VSLg6OFX%252FI8Xw%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=GySg%2ByxO5VSLg6OFX%2FI8Xw&id=
https://x01.aidata.io/0.gif?pid=9503528&uid=3c7dc881-c350-480c-884c-c83e5b347e14&exu=GySg%!B(string=%20%20)yxO5VSLg6OFX%!F(MISSING)I8Xw

0
434 B

44ms
44ms

Image
text/plain

89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9503528&uid=3c7dc881-c350-480c-884c-c83e5b347e14&exu=GySg%!B(string=%20%20)yxO5VSLg6OFX%!F(MISSING)I8Xw
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Tue, 01 Feb 2022 03:56:48 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Tue, 01 Feb 2022 03:56:48 GMT

Redirect headers

Date: Tue, 01 Feb 2022 03:56:14 GMT
Server: nginx
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Location: https://x01.aidata.io/0.gif?pid=9503528&uid=3c7dc881-c350-480c-884c-c83e5b347e14&exu=GySg%!B(string= )yxO5VSLg6OFX%!F(MISSING)I8Xw
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 8DDF 0
523 B 7ms
6ms Image
text/html 31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&uid=0100007F80AFF861E4059F5A02906943
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.172 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:49 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

0100007F80AFF861E4059F5A02906943
an.yandex.ru/mapuid/sapeis/ Frame 8DDF
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0100007F80AFF861E4059F5A02906943
https://an.yandex.ru/mapuid/sapeis/0100007F80AFF861E4059F5A02906943?redir-setuniq=1

43 B
108 B

33ms
33ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F80AFF861E4059F5A02906943?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:49 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 03:56:49 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 01 Feb 2022 03:56:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:49 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 03:56:49 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0100007F80AFF861E4059F5A02906943?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 01 Feb 2022 03:56:49 GMT

GET
H2 200 frame.html Show response
s3.advarkads.com/modules/match/ Frame 6140 187 B
404 B 149ms
131ms Document
text/html 2606:4700:10::6816:457
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F80AFF861E4059F5A02906943
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-type: text/html
cache-control: max-age=60
last-modified: Wed, 13 Oct 2021 12:55:49 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d6840853aee912b-FRA
content-encoding: gzip

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/ 150 KB
54 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/reactive_library_fy2019.js?bust=31064527

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ad586a23cf27d49a6766dd07f7d185b312ba0db1a9296b44060568f199633a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54793
x-xss-protection: 0
server: cafe
etag: 7140802506417296135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 03:56:48 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
357 B 120ms
120ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Flive4x-afrikans.tk%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22l%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1643687808834%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2275b3351%3A1642573356397%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Tue, 01 Feb 2022 03:56:48 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6504aee34cad1374b30c816e0287f3568a2bc78fbe8f85e33a9d36941e48c69c
x-transaction: 20ff698a99accb26
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3077 2 KB
1 KB 122ms
86ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfivgAAJt54Iu8hTAAdVEZerGject8pex4hP-g&u=%7CNdDCp0RUOaa1H7QDJeJzPdICAMW5jkZDEZJtiV3J%2Bps%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wciotc80JgXfDRVas-O7ztttMgI1tkZc1uNlkTTa21FcITX126J2ChD9BjGxbaZ-XbmkJyCXiDLdaqXs9TM4JNAlrQuQTtyiI-eLcKItmgLVTmvawZjP7x4jzDVEI1-bw3xCLOR5kcFy3uYQ7WS89p_N_RdxVgK5n-r_x5wcnsSrwwR7xg6yeaTCKVfHzkIo6lZhlRM9AzH0dnx13xle-UXlYXXcHDdp3mhrouTt28WyluSpKpa4jwZfw__0ygPIscJ7r8QYZgQPwPe-SBzZm0PrCsUc_wSQG5_2yQd8x0CZAVQNl1EDpYGPgdgWDC5-cCx7-z1zGtIm_znrYnjBx1Vydal_HCX5PUsBX1Y6AhzdSosnnuyEyRTAnm5MHwQzJMg1I3CiWM__9p5fK0gC9b3Bj7FQbUd8kg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfVQXgK_4YZ7vJtOQ7_UPkaqd0ArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc2MTk1NjYxNjAyNjM2MTigAdW20uoDyAEJqQJMWi2u6NeyPqgDAaoEwAFP0FG3jWqL3MQdu4LO8WfFXkMau7Rj-twkGfT6Xjr_uavPy7Dx6rcOCJKNGIN3ydJtYwMwLW1WLbyrycEQOQ14moRBoAM6KHPps_eLTNy7c1TBZzMM6WixlvMFlAaWAd2vICJZ0gt4QPJBYNFEFYk5C-sJso2k4ENwv50zG9hVg14-PdSYjgZDfkerhNGQRVaUp-weJtFZwwD-7bTNVasRgP-Ym0z3yK9wggifW9NhNDppCD0CTyMbbFBEyDRc12WABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_30U1cVnzffLs6OnQ6CLp6VrKggDA%26client%3Dca-pub-7619566160263618%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:56:48 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3077 2 KB
1 KB 97ms
62ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:56:48 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3077 308 B
636 B 62ms
27ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 27 Jan 2023 03:56:48 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 3077 507 B
835 B 93ms
59ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 27 Jan 2023 03:56:48 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 3077 43 B
347 B 58ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=e6mdY37yhZ3SxTMvEAd9vGFmcfAqm6AipT1aJXiRrvlY1Qcsy1e5-oedwjuMFL1_uDrrzKD3xXPR9-d55-JcNB9-AF_jptuK1aYxTt4JfGLii6KTpn7E4jOn-FkSmVCHgHHyJS9NcylkQRxb9CH0WrLd1zdEY69Zki5NOzZcTP2S834L6iZUtqz6J4JHKGCFU4_JQu_CIml06771LnzDq-tTXhpcaRlGETcYg7LZPuWQ3zF5_YTu1z28FUTXAamnh2qn5jWs20jQtJ7NO9W078nD-HtcxlrEq_eKD2kQOgJLm8RaLEWECp18pC0UuffHSvvtOazS2UJqYbjRVC5EOKXa__dJ7GrhBpN9hwIj0Z1zsXYGF0av0m1l6LpeFskzuHxCHJyOj3pafgJf2vywBRv7IemD_XinPN7cyE9YBxY9nBQKoPufMAfh3iOxd-Fb3qVGJQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:48 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3072534
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 6aef920c427d406cb51ce925168a15fa_image_ad_728x90.gif
static.criteo.net/design/dt/90764/211109/ Frame 3077 339 KB
339 KB 62ms
28ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/211109/6aef920c427d406cb51ce925168a15fa_image_ad_728x90.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c9f9937a2798feb904cb24d69529e2e92570e92cfc9098a07605350c860fd376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
last-modified: Tue, 09 Nov 2021 08:25:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "618a3097-54b00"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 346880
expires: Fri, 27 Jan 2023 03:56:48 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3077 0
127 B 50ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=mu2RUZ2-j6QJ-FWhtMEV2hs-yj622Rz0imCsi0VUY1IN4TuDbx23XB3jslBdt8_sYe2cbeIkrfaRtAgJzzl3LxAJDD1IqVR8aCWKOHs4B24Z7x-WvMBOwLOiTaVlkltPaUM1Hz4b5XTM8Iy4xKx1ybCzromETJTqub3oXhVtrz9Xu7kXYrMxctdVQEef19BWUKYkqO6Iv8srL-dr5VYTeZzDCms74Bp1_lNrgsGYoXnHto5OgeS5oNPh4KWgzPztp1Lqb_vtm3-Xqkt_&sds=2&rev=80362&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Feb 2022 03:56:48 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3077 2 KB
1 KB 93ms
65ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:56:48 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3077 2 KB
1 KB 57ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:56:48 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 33EE 2 KB
1 KB 73ms
58ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfivgAAJuVwIu-KWAA8L_HeHOTOzJhCS7yauLg&u=%7CNdDCp0RUOab7ZB1p5uQDuXhvA4lj5W%2B6xatPXpjP7M4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKV5ggHwXpVkDjMEb-TC-iqQs9ndGqcSpJXwbyfsTxkMIBEz7v9QJSQe72K65Q7I96fVWTETjML55-KBfASuiEo1WBcUriw1bVzWoUBxytjzIwbpM52AoSl2EeeNV3aOM32c0oPmWmew-l8a4seVculmd93FVkEC-UInoqcnQik1IvHqyUCqluC0_eJa8ErKpZLFRN8yvjK7z73tjJBSBY-tZ4d5_eIM4KyG1z98rCSEh564VigDgaIzPQH1U_ClGRTynzB_I_9tPp5mGAaT67Q00JO3h38g-oB5fdVAh5S6z4uAfX6wCZka2KQKMs1IuLPBY5A2M7BiXaHI2YWkhwaceOjl8t67PL7BE-NouFEAEHQs-gSUjijKXopOW4E5inKbP63_O4cMGbH9XxSb6kWSm6ipWcBttt4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSKSygK_4YdzyJpbF7_UP_Je82ArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc2MTk1NjYxNjAyNjM2MTigAdW20uoDyAEJqQKHqcZSztmyPqgDAaoExwFP0HavdlzhZAQuWwya6bMyo4S5Gbc4azDzeISXdCXPY4CGTUR62BcgZQj0A1dBHAiPfL7C04OPE_b7px2E59c513jLt65-uiyvpRAY1Z5N2hD-YOMjOiFgxByCnORyORtROexFSeqgZ2MNZuKOL-jdTKS8BUTYVizpUYs2o-EHM_Je3IN1CwOYHjD_n2W-o7rNb8krBN6zzYM2qRn6swzbVo-RgpKlvsTv7sJMt1EaYBR9ha_7FSUfsHkEr0W9-hKUif0m51gygAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3iVLNJyN6LKYG-6WzpM9-21pwYLQ%26client%3Dca-pub-7619566160263618%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:56:48 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 33EE 2 KB
1 KB 73ms
61ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:56:48 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 33EE 308 B
636 B 71ms
59ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 27 Jan 2023 03:56:48 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 33EE 507 B
835 B 69ms
58ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 27 Jan 2023 03:56:48 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 33EE 43 B
347 B 36ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=9CG2WFwmtHnLL1_guGeHLVy_dTuUflVQ_WmVL6B0Ejz9XcZv0j74kRFoZdo18fF61og0NNRN-2fJVDYA6LpnIS_bmvdLTaOtJIuYhDfNAA7cQmu2povPk65S-Yi1CKBumaINeinIvUwWR1yDq_GcwZCadI0ZUHOWBEY0b9QFsJ-wJmQsNwpAWQU_gX-a1p9YfmYtpiAgVABGsltqiGOdNFaDNVRIUedGgfth_-8HJ6s3G45hJNpERQC8VcZvmg72AjZ-_pvKOH_D_40os0BmJDiXzbWFJYgClRlUxLSzI-3_iEfIl1NpgRtQ8q9fL6WZaOE5AWyKfi3iTnLMVXWJbu2qUhLZPYtGHqXwkzW6XXYQTRFUNuELKVukGSzQ3yxFGmY4yjYhPxv68ft6RLn2rmFWVmxMWixb3hLLGQSd2z6W2Vw4_vU1z6ZhrbvUiU6yv2Idw5jMvsqxSJDtNU710Dx4D8c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:48 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3413497
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 6bb671a8b1504438871efd5043b2c269_image_ad_160x600.gif
static.criteo.net/design/dt/90764/211109/ Frame 33EE 158 KB
159 KB 67ms
56ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/211109/6bb671a8b1504438871efd5043b2c269_image_ad_160x600.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

466a7a040c068a04a0c88bc793cca7b89e0883e25eef53d8939b180c40f56f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
last-modified: Tue, 09 Nov 2021 08:25:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "618a308e-27880"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 161920
expires: Fri, 27 Jan 2023 03:56:48 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 33EE 0
127 B 31ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=uD_6rp2-j6QJ-FWhNJjyn10SrA3L3aM-3_NXWAkM4zLvWEsjgnvE3P-BDBA7xgC3cONzVZwM5QITHZfC4EptxjR1Eo0ny-Q_WcAj8p1CpVPHonp5_8sCrVPosNgI5bxVRCgV_W5lfMXh1ptCMO_Vc1HtDigRQprR6AJ1igHS4PUliuhBPxjJIBGhyBLBA5RHphyV-2Ke6aFxUaxxYOv1Ykg-BBK0kRwKKuCi2SSEVlY89AsAXw1ob9XlRhtpqnhVmKhrvQJE3MmQlBFz&sds=2&rev=80217&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Feb 2022 03:56:48 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 33EE 2 KB
1 KB 73ms
65ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:56:48 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 33EE 2 KB
1 KB 52ms
52ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:56:48 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 98ms
48ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=live4x-afrikans.tk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 96ms
48ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=live4x-afrikans.tk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/ Frame 813C 10 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Mon, 31 Jan 2022 15:50:50 GMT
expires: Mon, 14 Feb 2022 15:50:50 GMT
cache-control: public, max-age=1209600
age: 43558
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 8DDF 15 KB
15 KB 91ms
91ms Script
application/javascript 185.15.175.144
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=855888311477628
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:49 GMT
Last-Modified: Tue, 16 Nov 2021 09:48:09 GMT
Server: nginx
ETag: "61937e59-3cda"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15578

GET
H2 200 frame.js Show response
s3.advarkads.com/modules/match/ Frame 6140 22 KB
7 KB 12ms
12ms Script
application/javascript 2606:4700:10::6816:457
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F80AFF861E4059F5A02906943
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03333e8487b65839387c9cdecc9a112b7e41570d728a2ab48c7ed89aab72145f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F80AFF861E4059F5A02906943
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 07:30:44 GMT
server: cloudflare
age: 54
etag: "0aa781bcf0d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6d6840861c18912b-FRA
content-length: 7430

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 813C 0
0 57ms
56ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQFzXgK_4YbXzJrOf7_UPwPGt-ATJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc2MTk1NjYxNjAyNjM2MTigAdW20uoDyAEJqQJMWi2u6NeyPqgDAaoEvwFP0J1yjAeU4vOVdtWrulgdJIDl7HzLc9hIJU5HL2Y8V7Q68ZFle0r9W851JOEBbM9bJsWCkVqnZUBtitLOslvxkFW4J8b7UL6qx8h4WEskTDr5a-rB71Ro_I_QKPJcj0Bbic0NAkXEpbiaTXO3CGfRQNln3f4Gr7E0ya240t66y_RJGLtaiPAptoIG8PkPigGfhvozNNVgU0KmAMLsQNPb11-XnFDJtDf6tdJxISLNpZ7XHMG6Mk0XBOAhMNPno4AG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc2MTk1NjYxNjAyNjM2MTgYAA&sigh=-Ox8tFNUwZ8&uach_m=[UACH]&cid=CAQSGwCNIrLM1hNQ1421fqjJOy3qjUJMvutoVChPbhgB

Requested by

Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 01 Feb 2022 03:56:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 813C 0
0 47ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEcz6RO0HfJ2DYgICAAAAU4eT2ZVPwB8Qf6_4YWQFTRPOhkTkKi6uABI&wp=YfivgAAJubUIu8-zAAt4wIDGpDKoQUUp3jQtcQ

Requested by

Host: live4x-afrikans.tk
URL: https://live4x-afrikans.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 288311
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 32B4 134 KB
45 KB 84ms
82ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YfivgAAJubUIu8-zAAt4wIDGpDKoQUUp3jQtcQ&u=%7CNdDCp0RUOaYT0VoYq2JjVqs62LlO78whPhH%2FtKldJPQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wciotc80JgXfDRVas-O7zttyGUPG0x0aWk2coCu8c4vxpcMWvcgHr84uErhgFA3lZ8LbPJtCidZcqCOTlkNPhYdIYbEFpZdhaAuIi-QSSZWarWhyKL5kwEsLoavPP2QtOCJ3NcKOwOj_I_CA_5V1rtZVr2w3xinCdMByxprYMRG2KorU3wvKJ7rHAgvZO8vfmiJ_2DdR8Hsixu6uqFtPPPX-TOKIDyp2Yl7QWxPi1B_DsS_qUtZZUOGAlwXVQ-zZ5F4FVBqY13XJkfpdoG22rd7dyyzmrYmDzYAvpouu_Tpv4yee_ibsOHNgN8W7tb6CBuzx_GmiIZRsiHRzCAZ1JAufmIlSDC9yiGx82csG21W2SR__vBYmg_5XQI7_oVrJl13sOYtn2Ma5hldjkwQ9bSeolwBTDVEWR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXWkGgK_4YbXzJrOf7_UPwPGt-ATJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc2MTk1NjYxNjAyNjM2MTigAdW20uoDyAEJqQJMWi2u6NeyPqgDAaoEwgFP0J1yjAeU4vOVdtWrulgdJIDl7HzLc9hIJU5HL2Y8V7Q68ZFle0r9W851JOEBbM9bJsWCkVqnZUBtitLOslvxkFW4J8b7UL6qx8h4WEskTDr5a-rB71Ro_I_QKPJcj0Bbic0NAkXEpbiaTXO3CGfRQNln3f4Gr7E0ya240t66y_RJGLtaiPAptoIG8PkPigGfhvozNNVgU0LkAuN-x1xHxOALiPMZiZECvMZ7lyjjvRxj1PwcwPIJKPikmlf0HF7bn4AG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Eflr_ieR8Ye0zgKCKz5wcJ1ojKQ%26client%3Dca-pub-7619566160263618%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0f7c23a6b0a61389ae589b3e0bd3ed61d359fa9f1e4cf94fed7411c01c2bf051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=VpqCs52-j6QJ-FWhNoyoXd7UFcM7FcZfCAkKiAu_z3dLMJAuJqJb5Z7x14MgKSAIdjotq2gNp5YrTWrupfJoFxSz7JkYarksabBMWqFQjgTNHZ0zW5rqv17qIqAl1EhEyHSiwjhfeT8xZWzX7lPBJcYHDARjeuv1DsCDrKXlZZARgzOyCd_QFo_d1dvXXOhEOnwSGnbNtIBZCH7ILy1oQ3gcF6IlaFO-K8KvicFW_NdtaR6xvys6k_fFOLoQr_Dm-iWqS9Cu1unFCNFF"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 68236718
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 813C 2 KB
1 KB 87ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 03:45:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 813C 14 KB
6 KB 87ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 03:22:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 813C 123 KB
38 KB 93ms
47ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 03:56:49 GMT

GET
DATA 200
OK truncated
/ Frame CD2D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb9c1181bc24c5d0ec2bd5e3410f406e97971b4b66b6d3a1614abdc27e1d2479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1A16 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30ded2c0f4a0da37794c8205cae9328c27a243368b1963604367154275386c18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK match
api.advarkads.com/api/statistic/ Frame 6140 43 B
389 B 153ms
59ms Image
image/gif 88.212.233.108
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F80AFF861E4059F5A02906943
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F80AFF861E4059F5A02906943
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.233.108 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.18.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 03:56:49 GMT
Server: nginx/1.18.0
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: -1

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 32B4 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfivgAAJubUIu8-zAAt4wIDGpDKoQUUp3jQtcQ&u=%7CNdDCp0RUOaYT0VoYq2JjVqs62LlO78whPhH%2FtKldJPQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wciotc80JgXfDRVas-O7zttyGUPG0x0aWk2coCu8c4vxpcMWvcgHr84uErhgFA3lZ8LbPJtCidZcqCOTlkNPhYdIYbEFpZdhaAuIi-QSSZWarWhyKL5kwEsLoavPP2QtOCJ3NcKOwOj_I_CA_5V1rtZVr2w3xinCdMByxprYMRG2KorU3wvKJ7rHAgvZO8vfmiJ_2DdR8Hsixu6uqFtPPPX-TOKIDyp2Yl7QWxPi1B_DsS_qUtZZUOGAlwXVQ-zZ5F4FVBqY13XJkfpdoG22rd7dyyzmrYmDzYAvpouu_Tpv4yee_ibsOHNgN8W7tb6CBuzx_GmiIZRsiHRzCAZ1JAufmIlSDC9yiGx82csG21W2SR__vBYmg_5XQI7_oVrJl13sOYtn2Ma5hldjkwQ9bSeolwBTDVEWR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXWkGgK_4YbXzJrOf7_UPwPGt-ATJntKxXM3hkvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc2MTk1NjYxNjAyNjM2MTigAdW20uoDyAEJqQJMWi2u6NeyPqgDAaoEwgFP0J1yjAeU4vOVdtWrulgdJIDl7HzLc9hIJU5HL2Y8V7Q68ZFle0r9W851JOEBbM9bJsWCkVqnZUBtitLOslvxkFW4J8b7UL6qx8h4WEskTDr5a-rB71Ro_I_QKPJcj0Bbic0NAkXEpbiaTXO3CGfRQNln3f4Gr7E0ya240t66y_RJGLtaiPAptoIG8PkPigGfhvozNNVgU0LkAuN-x1xHxOALiPMZiZECvMZ7lyjjvRxj1PwcwPIJKPikmlf0HF7bn4AG7bnj9_Gs-6OOAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Eflr_ieR8Ye0zgKCKz5wcJ1ojKQ%26client%3Dca-pub-7619566160263618%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:56:49 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 32B4 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:56:49 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 32B4 308 B
636 B 15ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 27 Jan 2023 03:56:49 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 32B4 507 B
835 B 15ms
13ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 27 Jan 2023 03:56:49 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 32B4 43 B
347 B 18ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=ceVokzqIuRg9IBP6gwNPNSoSd0Vp97vbzdhDwmQIn_7vCWuK56ftGsuzjOnzsINHA2rV74ASqgAqomka5scasll8Z_KS56zL3tnda9Ticr35PGkkooaEWM6AUX6lTKuKuuyqZSxQTgCFXdyth-muYSYuZ2_HixAP3uolrBGRqLk5sc0rnzw-20KJRoM_HExFDJ_IYkVM_y2x9-_tesKDR3hdloT2FK63Kfa7wHPMBe1li5QC-Hj47GoeVPZAxJlHuqU1hJfoTZgQUPt7UPhcn8zowp6g-AvgOZpoM8gpeP4KTJQcgmFJHAJo3hATu4xg3pFEa4cWfQW1i1l21nxK31TasZ3YBg379jiTUvQ8nks0M-FMoyDTVc9-JB6mGAnOBqft817fTeHbWOSL7_938RfycPUhjGt66gXJxjy7kibgYXnTf3TiyEALELAfjCyA3pE-_A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:48 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3163299
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 813C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6b2446fb4c7b7e6ec27c0f41f57fff9baf72220e3de0a036632dd88461bb7e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 32B4 12 KB
5 KB 30ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 331374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wrwEHAobJUYtvK92%2BgHGH39pVgl0%2Bxi6cH8kCO8Z5UgDMHTyqB1Hme%2FLs5Wi%2Fwc72fCGKEIZQQLoMqBmGb1S4pDxMc5xLmACQw1ITL6L1tUk%2BEMUCtKRvD6FmirHJZSlWyaZWVDU1AXyb6F3mKKJk4j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d6840876a039124-FRA
expires: Sun, 22 Jan 2023 03:56:49 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 32B4 12 KB
6 KB 20ms
20ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:56:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 32B4 11 KB
11 KB 49ms
15ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=196&s=mhWwn-irkdD7mZLREJ1cecKL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30521727
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11345
expires: Fri, 20 Jan 2023 10:12:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 32B4 69 KB
69 KB 50ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&v=3&w=400&s=U50QBZteurZUBwwnN0OH3RYn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

260152ce49fdbda7b0f1e2f69d61ce39ba49de9a161971192cdf63af15207dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30694485
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 70472
expires: Sun, 22 Jan 2023 10:11:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 32B4 58 KB
58 KB 98ms
64ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1526544-_x600-nocrop.jpg&v=3&w=400&s=3EfeCKNqWATBAfbKHppwOygr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f83ac55e664bf32f310e796669e32fc8663391ab4dce6555826273d211bb3246

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30709377
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 59290
expires: Sun, 22 Jan 2023 14:19:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 32B4 66 KB
66 KB 84ms
50ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=400&s=BSa_CYNiehYpKpTcNn2jt3hT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4fb565264af26107bb37b1e495c4b4bf768cf212d74a9eb357249a67b5e64923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30717018
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 67290
expires: Sun, 22 Jan 2023 16:27:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 32B4 70 KB
70 KB 90ms
56ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1196894-_x600-nocrop.jpg&v=3&w=400&s=cNEdb3DzSvjB6T9vRe0eTfTu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

709717c33ebd1bf708ea2ae5b86be7454a30585da651715b5b4c3d53827f03a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30691113
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 71428
expires: Sun, 22 Jan 2023 09:15:22 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 32B4 0
127 B 15ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=VpqCs52-j6QJ-FWhNoyoXd7UFcM7FcZfCAkKiAu_z3dLMJAuJqJb5Z7x14MgKSAIdjotq2gNp5YrTWrupfJoFxSz7JkYarksabBMWqFQjgTNHZ0zW5rqv17qIqAl1EhEyHSiwjhfeT8xZWzX7lPBJcYHDARjeuv1DsCDrKXlZZARgzOyCd_QFo_d1dvXXOhEOnwSGnbNtIBZCH7ILy1oQ3gcF6IlaFO-K8KvicFW_NdtaR6xvys6k_fFOLoQr_Dm-iWqS9Cu1unFCNFF&sds=2&rev=80217&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Feb 2022 03:56:48 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 32B4 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:56:49 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 32B4 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:56:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 32B4 2 KB
1009 B 135ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 02:52:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Feb 2022 03:56:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Feb 2022 03:56:49 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 8DDF
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=769949991860154.210902195076452&a=77&e=0100007F80AFF861E4059F5A02906943&pref=https%3A%2F%2Flive4x-afrikans.tk%2F&c=ss:77.up:0100007F80AFF861E4059F5A0290694...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=769949991860154.210902195076452&a=77&e=0100007F80AFF861E4059F5A02906943&pref=https%3A%2F%2Flive4x-afrikans.tk%2F&c=ss:77.up:010000...

49 B
602 B

58ms
58ms

Image
image/gif

185.15.175.131
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=769949991860154.210902195076452&a=77&e=0100007F80AFF861E4059F5A02906943&pref=https%3A%2F%2Flive4x-afrikans.tk%2F&c=ss:77.up:0100007F80AFF861E4059F5A02906943.sync:up.xdua:du624FIB2a6kGBMCxoviEA3T.xps:xpsSIN3ZaYgwnUuyUUJhrgmdX.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

HTTP/1.1

Server

185.15.175.131 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 3
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Tue, 01 Feb 2022 03:56:49 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=769949991860154.210902195076452&a=77&e=0100007F80AFF861E4059F5A02906943&pref=https%3A%2F%2Flive4x-afrikans.tk%2F&c=ss:77.up:0100007F80AFF861E4059F5A02906943.sync:up.xdua:du624FIB2a6kGBMCxoviEA3T.xps:xpsSIN3ZaYgwnUuyUUJhrgmdX.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 8DDF
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=769949991860154.788219524195095&a=77&e=0100007F80AFF861E4059F5A02906943&pref=https%3A%2F%2Flive4x-afrikans.tk%2F&c=ss:77.up:0100007F80AFF861E4059F5A0290694...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=769949991860154.788219524195095&a=77&e=0100007F80AFF861E4059F5A02906943&pref=https%3A%2F%2Flive4x-afrikans.tk%2F&c=ss:77.up:010000...

49 B
602 B

50ms
50ms

Image
image/gif

185.15.175.131
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=769949991860154.788219524195095&a=77&e=0100007F80AFF861E4059F5A02906943&pref=https%3A%2F%2Flive4x-afrikans.tk%2F&c=ss:77.up:0100007F80AFF861E4059F5A02906943.sync:up.xdua:du624FIB2a6kGBMCxoviEA3T.xps:xpsSIN3ZaYgwnUuyUUJhrgmdX.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

HTTP/1.1

Server

185.15.175.131 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 03:56:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 2
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Tue, 01 Feb 2022 03:56:49 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=769949991860154.788219524195095&a=77&e=0100007F80AFF861E4059F5A02906943&pref=https%3A%2F%2Flive4x-afrikans.tk%2F&c=ss:77.up:0100007F80AFF861E4059F5A02906943.sync:up.xdua:du624FIB2a6kGBMCxoviEA3T.xps:xpsSIN3ZaYgwnUuyUUJhrgmdX.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame 32B4 44 KB
45 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:33:58 GMT
x-content-type-options: nosniff
age: 462171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 19:33:58 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame 32B4 46 KB
46 KB 168ms
83ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:33:58 GMT
x-content-type-options: nosniff
age: 462171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 19:33:58 GMT

GET
H2 200 share_button.php Show response
www.facebook.com/v2.8/plugins/ Frame 54BA 58 KB
16 KB 98ms
82ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.8/plugins/share_button.php?app_id=1703687853256452&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6c65935b8dba4%26domain%3Dlive4x-afrikans.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flive4x-afrikans.tk%252Ff5d178587a9d58%26relation%3Dparent.parent&container_width=91&href=https%3A%2F%2Flive4x-afrikans.tk%2F&layout=button&locale=ru_RU&mobile_iframe=true&sdk=joey&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=f8040097bca925c76642009c77f10ebc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6efdfa85e6938271eadac47e00ce99d1d4e2014a36421adc38f53c9fc3e61d58

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v5.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 5Je6Tur29AsmXTDfrDPYbrkMqCW9hPyAWB9mig6SaMiDu4i88MN2KEUB/kYjfQ3gY/2XGDSQZOLMtU8CvrEp+g==
date: Tue, 01 Feb 2022 03:56:49 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 101ms
54ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220126&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

530f0ad54937525611ad4d4b510d4895687d6957d9c5a433533140256c03a876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 03:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9102
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 03:56:49 GMT

GET
H3 200 zSKZHMh8mXU.png
www.facebook.com/rsrc.php/v3/yr/r/ Frame 54BA 388 B
440 B 16ms
7ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/zSKZHMh8mXU.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.8/plugins/share_button.php?app_id=1703687853256452&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6c65935b8dba4%26domain%3Dlive4x-afrikans.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flive4x-afrikans.tk%252Ff5d178587a9d58%26relation%3Dparent.parent&container_width=91&href=https%3A%2F%2Flive4x-afrikans.tk%2F&layout=button&locale=ru_RU&mobile_iframe=true&sdk=joey&size=small

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.8/plugins/share_button.php?app_id=1703687853256452&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6c65935b8dba4%26domain%3Dlive4x-afrikans.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flive4x-afrikans.tk%252Ff5d178587a9d58%26relation%3Dparent.parent&container_width=91&href=https%3A%2F%2Flive4x-afrikans.tk%2F&layout=button&locale=ru_RU&mobile_iframe=true&sdk=joey&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 03:33:04 GMT
x-content-type-options: nosniff
content-md5: mLIKfuTnwd0c8uA9BXg4cQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 388
x-fb-rlafr: 0
x-fb-debug: 1Vbf+kOB9BfxyJuYi2kMM9DuvqYjAaoVUCm/CQjFzXhveuX0r07jCF1aeY4Y6hkXMVeklZp+TL1MkwJsBruRag==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 Jan 2023 03:33:04 GMT

GET
H3 200 mw5VRdcLEVz.js Show response
www.facebook.com/rsrc.php/v3iI4w4/yk/l/ru_RU/ Frame 54BA 521 KB
136 KB 16ms
9ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iI4w4/yk/l/ru_RU/mw5VRdcLEVz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9c81e99c1b2bae99b9ef58eb4af9814ee1037cc817f4ed48d29c405cc1ac489

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.8/plugins/share_button.php?app_id=1703687853256452&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6c65935b8dba4%26domain%3Dlive4x-afrikans.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flive4x-afrikans.tk%252Ff5d178587a9d58%26relation%3Dparent.parent&container_width=91&href=https%3A%2F%2Flive4x-afrikans.tk%2F&layout=button&locale=ru_RU&mobile_iframe=true&sdk=joey&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 09:19:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: y7uIGQIB3NKESpx2p1flGw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 139037
x-fb-rlafr: 0
x-fb-debug: HI3htUuX8l0gC2HUS3ZCQo16CEM6CpMdpts0uUKzPgNdSkLt/o5OM7DdDTikQHpXP7/Qc8qD3HVPYbDRZbj5EQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 Jan 2023 09:19:23 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3077 0
127 B 16ms
16ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Feb 2022 03:56:48 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame 33EE 0
127 B 14ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Feb 2022 03:56:49 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 54BA 67 B
101 B 28ms
27ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1643687809848&t_start=1643687809848&t_domcontent=1643687809859&t_layout=1643687809915&t_onload=1643687809915&t_paint=1643687809915&t_creport=1643687809915&t_tti=1643687809859&lid=7059585384571599177-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.8/plugins/share_button.php?app_id=1703687853256452&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6c65935b8dba4%26domain%3Dlive4x-afrikans.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flive4x-afrikans.tk%252Ff5d178587a9d58%26relation%3Dparent.parent&container_width=91&href=https%3A%2F%2Flive4x-afrikans.tk%2F&layout=button&locale=ru_RU&mobile_iframe=true&sdk=joey&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: VpfyBejOwz5mwjk/6lhDsiPxijjKHjEd3qCJNoPUDLYRUzf7MP7TxtgXaaG4NLiUWL2NdkEAb2sLWGPRu6HrVg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 01 Feb 2022 03:56:49 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A53F 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 00:52:44 GMT
expires: Wed, 01 Feb 2023 00:52:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 11045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DB51 783 B
1 KB 136ms
47ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

09b28ae2b02bfba2ccdd8314aabef532c67a91c2b1a80c526945e070f1d43df3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CgVV+C++Ttd7sWy/sOSO6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 01 Feb 2022 03:56:50 GMT
date: Tue, 01 Feb 2022 03:56:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-CgVV+C++Ttd7sWy/sOSO6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame A53F 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 23:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 23:45:53 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CD2D 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFK98RAYrfj7rZozKCl42hY0AI23I-fSG_sPGqs-VQZ3hXE4AY_uuaGPXl4D8S4f-SjPlNnroqkwokoe1SHD9n&sig=Cg0ArKJSzNEX3CWy4S5fEAE&id=lidar2&mcvt=1013&p=0,0,90,728&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3831289261&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643687808576&rpt=437&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1A16 42 B
64 B 72ms
71ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-cIFZx4MCLKhGdzpp0KlLf4GghgbR1pgNFgIqjaW8jnrpicpMABlKLdgV6XpMXdPx5Z_pEhftlcsNZRroQEDe&sig=Cg0ArKJSzI_g8EkdsOPiEAE&id=lidar2&mcvt=1005&p=0,0,600,160&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=0.69&if=1&app=0&itpl=20&adk=414549888&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643687808571&rpt=467&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DB51 0
0 55ms
54ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220126&jk=1034017684445270&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A53F 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?stk-Tg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220126&jk=1034017684445270&bg=!-fql-r7NAAY6OBv_Ojg7ACkAdvg8Wr4eVBgVT-fNSWFSDz1-KFKEtPDGMzv_w7IMXdN5NLwQDWysLQIAAAB7UgAAAANoAQcKABEHKq6i8Nf5r-n9OisgU7bXfpkC00m7zsXrWMfbCzI2bZ_WHDT11lYrD2RToon79plo1gRNwoR6eLfTtAbX4gfSqRQqHyBGqSYH3FB87tvBYaAAR39e5y2gQ2Qw_huDB_JvmrGjvw_koPIh7UlyMF8UUengbUuYH0tserXm0BaderH1l6SRSQOyTBt3okT3QzOy0MDgJQOOvcfmSktsbzuRL2Ja-2cjTJICJERoVX2qwozmeJcSWiTvwVH0LpLk_czsBQC4pvkc1hP7w78G-o48qNKf6H55P9SlX9vXzSLNxiAt6mL0J6FpqvFNXlKINcRztBgsv1Mbcm-FZ4SuWdxismqyCLIFWEuHGldpGrNWLozwh13f2j-BtvrTyK9T8ZjQ98Q09x1371T36IgZ7tiZH5hDfsuzd3Fa4ux9JgHU7_1FAlrae9pJb26STJxjCbeijPILUumlnw2sdhEq1Ui7skTcBiDO6lQLK8wRZmJa6V-aMq6vVvo54kXjbQ4AiknihUrAiJW9nE45PYISgQ1fFVV7lEIiRckZjuXYKMOFTAkYZ10o5N0oZVG4inFadMJPDwd70rSRsoR4oE87hZXshCUmlKGdrqZvGkfLk4kZypxIkFvL9MJEV03LqvlBYjl8cHgmWqe6w3JA7y6TtUh033ICc95WPPHzPFKuMzHUDT-Dinlv7U8OTTV7ITI8KimEL5JeiqW46BJZ4IsrL_64BOBNzvdolUqvvgOD-MMkcWKQR8LZRNlWt7ETAKkTS7mbTmAT3YwV-LMU8IishVWtiq9DDIVNlk_VJXPC_bjTmHXLurF20cKSvy5HcvChsZ7n_PjBE7f_rhcQvO92AApNPChPhXDEMRqoRwt0e1uKE6NSS2UFAWtkqwkrpwoP0HnurB14FuWmK84GH066S7NrQjNIJW0ByORCVQIqoLdDzLXLb_89kIQ6e2yIYpW1SAjhYg_T5qzefC3cAvjfuat_HJMOgHdIug

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 813C 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyuODKhuMlZNcbTeGT4M9TFN-3hw6-hwGe6aCjUHvch5FIsX7uCc8LGqMb4tg9PJ-8i-ogSvWozpQsYiIxfZfw&sig=Cg0ArKJSzGaRhuK_p7i4EAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=99,766,1000,1127,1166&tos=99,667,234,127,39&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643687808925&rpt=227&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 03:56:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 32B4 0
127 B 14ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Feb 2022 03:56:50 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 11ms
11ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.4.0&uid=c5af25ca-cc3c-420b-971b-b110a490405d&dp=14&tz=%2B00%3A00&nc=78355711&dT=2022-02-01T03%3A56%3A51.778
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live4x-afrikans.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:56:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: live4x-afrikans.tk
URL: http://live4x-afrikans.tk/style.css

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vk.com/	1970-01-20 09:17:58	Name: remixlang Value: 6
.yadro.ru/	1970-01-20 09:19:58	Name: FTID Value: 1X-A-H0mTouF1X-A-H002Ivp
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWH4r4BanwXkQ2mQAvj1ThnINv3ot5hbCci6EmM7mCiG
.yadro.ru/	1970-01-20 09:19:58	Name: VID Value: 2ce-yV0fI9OF1X-A-I00264B
.live4x-afrikans.tk/	1970-01-20 09:56:23	Name: __gads Value: ID=c0700840400ea4d7-226a061931cd0059:T=1643687808:RT=1643687808:S=ALNI_MaWGyf3dQgTwVrESVYglshAPxm33g
live4x-afrikans.tk/	1978-01-11 21:31:40	Name: fid Value: 07ac92ca-2c4e-4cad-8314-40ffb46d2069
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp7v2 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp14v3 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp17 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp32 Value: 1643687808
.acint.net/	1970-01-20 00:36:14	Name: cSyncDp45v3 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp53 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp54v2 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp62 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp67v2 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp68 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp71 Value: 1643687808
.acint.net/	1970-01-20 00:54:57	Name: cSyncDp77 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp84 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp85 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp88 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp95v3 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp101 Value: 1643687808
.acint.net/	1970-01-20 00:54:57	Name: cSyncDp104v2 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp107 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp110 Value: 1643687808
.acint.net/	1970-01-20 00:54:57	Name: cSyncDp111v2 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp112v2 Value: 1643687808
.acint.net/	1970-01-20 00:56:23	Name: cSyncDp125v2 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp126 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp127 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp129 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp136 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp138 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp144 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp146 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp149 Value: 1643687808
.acint.net/	1970-01-20 01:17:59	Name: cSyncDp151 Value: 1643687808
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWH4r4BrfgAiQ5hCAoO/46OWWfbKKKX0CYTdIDU4Q1dV
.doubleclick.net/	1970-01-20 09:56:23	Name: IDE Value: AHWqTUn9RmDWrFKK_hXgd0l8mTbnaK29k4-C0mZqgq3upFNrjrlrmdkJdmdXVXgsnmo
.utraff.com/	1970-01-20 01:18:10	Name: preutid Value: 1
.upravel.com/	1970-01-20 00:34:47	Name: session_tptc Value: 1643687808885
.upravel.com/	1970-01-23 16:10:47	Name: user_id Value: 28b15f3b-1791-4769-a82e-16e6e8b40bea
.adhigh.net/	1970-01-20 09:20:23	Name: gi_u Value: LyLxyqs3CyD.AikABlF-s22PmQ
.mail.ru/	1970-01-20 09:21:50	Name: VID Value: 2S7LRP2ssLY700000a18H4Y7:::0-0-0-7130840:CAASELCyyGn2VExgJcNep-XLhkQaYC8QVl6s0mNIgN1QSy_5tmBvRTeJeR9QBh5PBMpMG4y6pNofaq0EGTA7Cpct2V4hO7vTwi0eA4BMPpAKwPRVNhEccDh6Fp0lyYEx3WCVeMGvMPLNC1-h4m9usAVISIqnTA
.betweendigital.com/	1970-01-20 09:20:23	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 09:20:23	Name: tuuid Value: 47e339bf-7014-5120-b9f1-23a6d8098c26
.betweendigital.com/	1970-01-20 09:20:23	Name: ss Value: 1
.republer.com/	1970-01-20 09:20:23	Name: ruid Value: 886f959c-a133-4713-a977-4c2224efaa30
.adhigh.net/	1970-01-20 09:20:23	Name: sape_sync Value: j0p
.adriver.ru/	1970-01-20 18:05:59	Name: cid Value: ASLaX_P1EkitknWd7n7khuw
.1dmp.io/	1970-01-20 09:20:23	Name: uid Value: fb4a18f0-8312-11ec-a15e-901b0e8d6a9d
.betweendigital.com/	1970-01-20 09:20:23	Name: ut Value: YfivgQAAgOgaCokaiImjfBwIhtGRZV5ARuS5bg==
.adsniper.ru/	1970-01-27 07:46:47	Name: uuid3 Value: IiRmYjUzMzNjYy04MzEyLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.bumlam.com/	1970-01-27 07:46:47	Name: suuid3 Value: IiRmYjUzMzNjYy04MzEyLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.uuidksinc.net/	1970-01-20 09:20:23	Name: jcsuuid Value: nDYyogJQtVJuTPiGewPn
.rktch.com/	1970-01-20 01:17:59	Name: b_uid Value: 3534929d75de41a6aa0e30d262850b76495b
.advarkads.com/	1970-01-20 18:05:59	Name: u Value: EAJzR9N-mkecjTO4aNxMcw
.mts.ru/	1970-01-20 09:07:26	Name: dspid Value: 3c7dc881-c350-480c-884c-c83e5b347e14
.rutarget.ru/	1970-01-20 04:53:59	Name: userId Value: WYkdaRwQztrE
ssp.bidvol.com/	1970-02-13 21:06:11	Name: bvuid Value: oe88oxmy8y
.weborama.fr/	1970-01-20 10:06:28	Name: AFFICHE_W Value: LzBEbaUAmJ4v31
.gnezdo.ru/	1970-01-25 20:05:16	Name: uid Value: XV9maWH4r4Goi4dugO0yAg==
.yandex.ru/	1970-01-23 16:10:47	Name: yuidss Value: 7055094331643687809
.yandex.ru/	1970-01-23 16:10:47	Name: yandexuid Value: 7055094331643687809
.aidata.io/	1970-01-20 18:05:59	Name: __upin Value: GySg+yxO5VSLg6OFX/I8Xw
.aidata.io/	1970-01-20 18:05:59	Name: __upints Value: 1643687809
.ops.beeline.ru/	1970-01-20 09:07:26	Name: BeeAID Value: 8e75525c-7923-4fc4-bc55-e89e963f9a86
x01.aidata.io/	1970-01-20 00:39:07	Name: mts Value: 1
.mts.ru/	1970-01-23 14:58:47	Name: mts_id Value: 67a0c360-8cce-409b-a405-a7438b158810
.mts.ru/	1970-01-23 14:58:47	Name: mts_id_last_sync Value: 1643687809
.dmg.digitaltarget.ru/	1970-01-21 02:29:59	Name: viuserid Value: GpFVxXt54RDdqM57Va4.

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://live4x-afrikans.tk/ Message: Mixed Content: The page at 'https://live4x-afrikans.tk/' was loaded over HTTPS, but requested an insecure element 'http://live4x-afrikans.tk/foto/vverx.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://live4x-afrikans.tk/ Message: Mixed Content: The page at 'https://live4x-afrikans.tk/' was loaded over HTTPS, but requested an insecure element 'http://live4x-afrikans.tk/foto/struct/SHAPKA.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://live4x-afrikans.tk/ Message: Mixed Content: The page at 'https://live4x-afrikans.tk/' was loaded over HTTPS, but requested an insecure element 'http://mini-sam.ru/foto/donation.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://live4x-afrikans.tk/ Message: Mixed Content: The page at 'https://live4x-afrikans.tk/' was loaded over HTTPS, but requested an insecure element 'http://it-koder.tk/foto/cpa_foto/ManPlus_167_607_%20copy.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://live4x-afrikans.tk/ Message: Mixed Content: The page at 'https://live4x-afrikans.tk/' was loaded over HTTPS, but requested an insecure element 'http://it-koder.tk/foto/cpa_foto/ManPlus_307_259_%20copy.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://live4x-afrikans.tk/(Line 246) Message: Mixed Content: The page at 'https://live4x-afrikans.tk/' was loaded over HTTPS, but requested an insecure stylesheet 'http://live4x-afrikans.tk/style.css'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://live4x-afrikans.tk/ Message: Mixed Content: The page at 'https://live4x-afrikans.tk/' was loaded over HTTPS, but requested an insecure element 'http://live4x-afrikans.tk/foto/vverx.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://live4x-afrikans.tk/ Message: Mixed Content: The page at 'https://live4x-afrikans.tk/' was loaded over HTTPS, but requested an insecure element 'http://live4x-afrikans.tk/foto/struct/SHAPKA.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://live4x-afrikans.tk/ Message: Mixed Content: The page at 'https://live4x-afrikans.tk/' was loaded over HTTPS, but requested an insecure element 'http://mini-sam.ru/foto/donation.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://live4x-afrikans.tk/(Line 342) Message: Mixed Content: The page at 'https://live4x-afrikans.tk/' was loaded over HTTPS, but requested an insecure element 'http://it-koder.tk/foto/cpa_foto/ManPlus_167_607_%20copy.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://live4x-afrikans.tk/(Line 449) Message: Mixed Content: The page at 'https://live4x-afrikans.tk/' was loaded over HTTPS, but requested an insecure element 'http://it-koder.tk/foto/cpa_foto/ManPlus_307_259_%20copy.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://live4x-afrikans.tk/foto/forsite/fon.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://relap.io/partners/sprcs?uid=0100007F80AFF861E4059F5A02906943 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f80aff861e4059f5a02906943-sp.ops.beeline.ru
28b15f3b-1791-4769-a82e-16e6e8b40bea.sync.upravel.com
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.adlook.me
ads.betweendigital.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
an.yandex.ru
api.advarkads.com
cat.nl.eu.criteo.com
cdn-rtb.sape.ru
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
counter.yadro.ru
csm.eu.criteo.net
dm-eu.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
it-koder.tk
live4x-afrikans.tk
match.new-programmatic.com
mini-sam.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.konnektu.ru
platform.twitter.com
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
stat.adlabs.ru
static.criteo.net
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync.upravel.com
sync3.adsniper.ru
syndication.twitter.com
tag.digitaltarget.ru
tech.rtb.mts.ru
tpc.googlesyndication.com
ut.rktch.com
vk.com
www.acint.net
www.facebook.com
www.google.com
www.googletagservices.com
x01.aidata.io
live4x-afrikans.tk
104.244.42.72
109.248.237.37
130.193.58.13
138.201.65.74
142.250.184.194
142.250.185.226
144.76.138.28
148.251.156.238
157.90.179.219
176.122.21.139
178.250.0.139
178.250.2.148
178.250.2.150
185.147.80.35
185.15.175.131
185.15.175.144
188.42.29.165
194.190.117.94
194.190.76.45
195.201.243.72
195.209.108.48
213.87.44.187
217.65.2.150
217.66.147.164
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:457
2606:4700:3039::6815:c07c
2606:4700::6810:135e
2a00:1148:db00::17
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a02:2638:1::11
2a02:2638:1::2
2a02:2638::2
2a02:2638::3
2a02:6b8::90
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
31.129.244.168
31.172.81.158
31.172.81.172
31.220.27.134
35.190.16.14
37.18.103.21
37.9.245.57
46.4.114.109
65.108.1.47
78.46.16.13
80.64.106.152
81.222.128.216
87.240.190.78
88.212.201.204
88.212.233.108
88.99.149.88
89.108.119.28
89.108.97.2
93.95.102.105
95.163.37.253
95.181.171.231
95.211.66.35
01ad586a23cf27d49a6766dd07f7d185b312ba0db1a9296b44060568f199633a
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
03333e8487b65839387c9cdecc9a112b7e41570d728a2ab48c7ed89aab72145f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b28ae2b02bfba2ccdd8314aabef532c67a91c2b1a80c526945e070f1d43df3
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0b28a2aa8ae2cc469fc77cde60ed83fd6176df58e4d15558e5dbbf690e8dedd8
0d8c911a9c7973cb8d6ecac1353a00b09e1d6df4f655b3040a52102f0c0e34e2
0ea16deb266788cc94938f81eda1c6c07e6ce11cf8cad9f1879f562a711f2ed6
0f7c23a6b0a61389ae589b3e0bd3ed61d359fa9f1e4cf94fed7411c01c2bf051
13dc640e3bc4ef9e31b7156233747df145533a76ecf052cff474e388637ecbf0
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1f6bd4bab5ba0fccdcbec1e12f6f053eea6c9230b64cc70ba06fe2b54d26dc99
23cf55829ae208fcc398be6eecfb05bf9be0aa86442577844ddc9062fc37ebf3
260152ce49fdbda7b0f1e2f69d61ce39ba49de9a161971192cdf63af15207dbf
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
30ded2c0f4a0da37794c8205cae9328c27a243368b1963604367154275386c18
3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
466a7a040c068a04a0c88bc793cca7b89e0883e25eef53d8939b180c40f56f1f
4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb565264af26107bb37b1e495c4b4bf768cf212d74a9eb357249a67b5e64923
52b2c1793b47f5482d007dc995faef126f9e97ce1d6852cfb4888303ca45c044
530f0ad54937525611ad4d4b510d4895687d6957d9c5a433533140256c03a876
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9070b7d26e136743648a67bb6e9377d59b3d49e0d7dd2272562bccd9fecbd
59b725fc2d95372e5d5240c99aaa158b782ff9fc98ac5ad6a6c3385ffcf7822e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631485082735bf548eeeaef58fb409fefed685432666d06baaf1da7a60a0ae1e
6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67
6efdfa85e6938271eadac47e00ce99d1d4e2014a36421adc38f53c9fc3e61d58
709717c33ebd1bf708ea2ae5b86be7454a30585da651715b5b4c3d53827f03a2
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
795f54abe4c7e50e0e8660072b1dcd39fee335a82516349eef9f49ef888e1cf2
7a85656739d160967fac088d9a1551c3a2d039224d785ac0a50c0ba3b2e7a159
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d132fc302e8b8e461a6947d075dbbc6a58d36a4f463ddd485d865d55189aab4
8def487b875a463b6a2170022a2228c89b0e31f56ae226c336d53cad05906310
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
92e3a433c7cd57f7f76405917626c5ca0ea600fda464df3f4c8b5a6c6990f6c1
95eb3b0fb2f1614be46dfffb13b1ab1235dc177a5e079c3e503b833e682d6748
99da2f39a34bad0d2390d594eb160fab31ea8ab1e0b1803d969cb4b74ecd11c4
9b2d38aa94b4c04f11d5b8c40307b5ef4a21e8a22b29166505e4bd12d28fdc88
a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a133c1dfb792fd46cdf3307861d230fc063aa9d034a8f2e17ad418e054118091
a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc
af3776e34db856aa03eb8cf03789a385869df0d29d729755f23f33a8f597cf6c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c872a9c2a35748b059f52f001e90086a6d9a81dcfcead3ae619222cf5c0cac37
c9f9937a2798feb904cb24d69529e2e92570e92cfc9098a07605350c860fd376
cd73a46fc8b9fbca6699091ed3fe52e805e74cf77d4b4316f205b11f07bb8922
cdc1e94ac3f0716e3bbbb493c3933579e3e80f5e3e5a7d0c3992bd2412370fc4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d31d4ca0131cf392d058bc80538ccb9867d298954d3b6a883c7a9c64dc7b8afa
d43c1d69f51d11af536e78f0b520e5379c79a063d34f8edf51ed150d342b2eb9
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4adc260fa5bff268e2359ba73814e154d7e3cd828dd946b8076d6b5129218a3
e6b2446fb4c7b7e6ec27c0f41f57fff9baf72220e3de0a036632dd88461bb7e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f83ac55e664bf32f310e796669e32fc8663391ab4dce6555826273d211bb3246
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
f9c81e99c1b2bae99b9ef58eb4af9814ee1037cc817f4ed48d29c405cc1ac489
fb9c1181bc24c5d0ec2bd5e3410f406e97971b4b66b6d3a1614abdc27e1d2479
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1

live4x-afrikans.tk Open in urlscan Pro 31.129.244.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

158 Requests

84 %HTTPS

30 %IPv6

53 Domains

69 Subdomains

47 IPs

8 Countries

2361 kBTransfer

4356 kBSize

72 Cookies

5 Outgoing links

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

live4x-afrikans.tk Open in urlscan Pro
31.129.244.168 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

84 %
HTTPS

30 %
IPv6

53
Domains

69
Subdomains

47
IPs

8
Countries

2361 kB
Transfer

4356 kB
Size

72
Cookies

158 HTTP transactions
4 data transactions