gdzwow.com Open in urlscan Pro
89.108.93.146 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tuberculosis.ru/
Effective URL:
https://gdzwow.com/
Submission: On May 14 via api (May 14th 2022, 9:51:37 am UTC) from US — Scanned from US

Summary HTTP 153 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 26 domains to perform 153 HTTP transactions. The main IP is 89.108.93.146, located in Russian Federation and belongs to AS-REG, RU. The main domain is gdzwow.com.
TLS certificate: Issued by R3 on March 25th 2022. Valid for: 3 months.

This is the only time gdzwow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a03:f480:1:1... 2a03:f480:1:11::8b	198068 (PAGM-AS) (PAGM-AS)
1 11	89.108.93.146 89.108.93.146	197695 (AS-REG) (AS-REG)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
2	87.240.139.194 87.240.139.194	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
2	46.4.104.244 46.4.104.244	24940 (HETZNER-AS) (HETZNER-AS)
2	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3031::6815:22c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
7	2606:4700:303... 2606:4700:3035::6815:49ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:6b8:a::a 2a02:6b8:a::a	() ()
2	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	() ()
3	2607:f8b0:400... 2607:f8b0:4006:80f::2002	() ()
16	2a00:1148:db0... 2a00:1148:db00::17	() ()
1	142.250.72.98 142.250.72.98	() ()
1	2607:f8b0:400... 2607:f8b0:4006:80e::2002	() ()
3	2607:f8b0:400... 2607:f8b0:4006:822::2001	() ()
26	151.236.127.145 151.236.127.145	() ()
1	2a02:6b8::16b 2a02:6b8::16b	() ()
5	2a02:6b8:20::215 2a02:6b8:20::215	() ()
1	2607:f8b0:400... 2607:f8b0:4006:80f::2004	() ()
9 19	104.16.200.58 104.16.200.58	() ()
1 13	96.46.183.20 96.46.183.20	() ()
1 10	2001:6d0:4001... 2001:6d0:4001::226	() ()
1	87.240.129.181 87.240.129.181	() ()
9	2606:4700::68... 2606:4700::6810:78c3	() ()
153	27

1 2a03:f480:1:11::8b (Estonia) 1 redirects

ASN198068 (PAGM-AS, EE)

tuberculosis.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 89.108.93.146 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: gdz.com

gdzwow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.139.194 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv194-139-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.4.104.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.104.4.46.clients.your-server.de

www.prbcdn.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::6815:22c2 (United States)

ASN13335 (CLOUDFLARENET, US)

newrrb.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80c::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3035::6815:49ba (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adrun.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:a::a (None, )

ASN- ()

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (None, ) 3 redirects

ASN- ()

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1148:db00::17 (None, )

ASN- ()

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.98 (None, )

ASN- ()

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 151.236.127.145 (None, )

ASN- ()

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (None, )

ASN- ()

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:20::215 (None, )

ASN- ()

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.16.200.58 (None, ) 9 redirects

ASN- ()

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 96.46.183.20 (None, ) 1 redirects

ASN- ()

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lbs-us-east1.ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2001:6d0:4001::226 (None, ) 1 redirects

ASN- ()

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.129.181 (None, )

ASN- ()

login.vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:78c3 (None, )

ASN- ()

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	betweendigital.com 1 redirects cache.betweendigital.com ads.betweendigital.com lbs-us-east1.ads.betweendigital.com	620 KB
19	yabidos.com 9 redirects pixel.yabidos.com	41 KB
16	mail.ru ad.mail.ru	561 KB
11	gdzwow.com 1 redirects gdzwow.com	349 KB
10	tns-counter.ru 1 redirects www.tns-counter.ru	4 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com	256 KB
9	glotgrx.com pre.glotgrx.com	1 KB
8	yandex.com 2 redirects mc.yandex.com	3 KB
7	adrun.ru cdn.adrun.ru — Cisco Umbrella Rank: 602934	33 KB
5	yastatic.net yastatic.net	178 KB
5	yandex.ru 1 redirects yandex.ru mc.yandex.ru matchid.adfox.yandex.ru	181 KB
3	doubleclick.net googleads.g.doubleclick.net	5 KB
3	newrrb.bid newrrb.bid — Cisco Umbrella Rank: 304016	21 KB
3	vk.com vk.com — Cisco Umbrella Rank: 4979 login.vk.com	47 KB
2	google.com adservice.google.com www.google.com	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	gstatic.com fonts.gstatic.com	69 KB
2	prbcdn.ru www.prbcdn.ru	9 KB
1	googleadservices.com partner.googleadservices.com	643 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 714	7 KB
1	tuberculosis.ru 1 redirects tuberculosis.ru	192 B
0	adhigh.net Failed px.adhigh.net Failed
0	otm-r.com Failed sync.dmp.otm-r.com Failed
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
0	bidswitch.net Failed x.bidswitch.net Failed
153	26

	Domain	Requested by
26	cache.betweendigital.com	cdn.adrun.ru cache.betweendigital.com ads.betweendigital.com lbs-us-east1.ads.betweendigital.com
19	pixel.yabidos.com	9 redirects pixel.yabidos.com
16	ad.mail.ru	cdn.adrun.ru ad.mail.ru cache.betweendigital.com
11	gdzwow.com	1 redirects gdzwow.com www.prbcdn.ru
10	www.tns-counter.ru	1 redirects
9	pre.glotgrx.com
8	mc.yandex.com	2 redirects cache.betweendigital.com
7	ads.betweendigital.com	1 redirects cache.betweendigital.com
7	cdn.adrun.ru	gdzwow.com cdn.adrun.ru
7	pagead2.googlesyndication.com	gdzwow.com pagead2.googlesyndication.com cdn.adrun.ru tpc.googlesyndication.com
6	lbs-us-east1.ads.betweendigital.com	ads.betweendigital.com
5	yastatic.net	yandex.ru
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	newrrb.bid	gdzwow.com newrrb.bid
2	mc.yandex.ru	1 redirects gdzwow.com
2	www.google-analytics.com	gdzwow.com www.google-analytics.com
2	yandex.ru	gdzwow.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.prbcdn.ru	gdzwow.com www.prbcdn.ru
2	vk.com	gdzwow.com ad.mail.ru
1	login.vk.com	vk.com
1	www.google.com	tpc.googlesyndication.com
1	matchid.adfox.yandex.ru	yandex.ru
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	gdzwow.com
1	maxcdn.bootstrapcdn.com	gdzwow.com
1	tuberculosis.ru	1 redirects
0	px.adhigh.net Failed	ads.betweendigital.com
0	sync.dmp.otm-r.com Failed	ads.betweendigital.com
0	mitdmp.whiteboxdigital.ru Failed	ads.betweendigital.com
0	x.bidswitch.net Failed	ads.betweendigital.com
153	33

This site contains no links.

Subject Issuer	Validity	Valid
gdzwow.com R3	`2022-03-25` - `2022-06-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-04` - `2023-04-03`	a year	crt.sh
www.prbcdn.ru R3	`2022-04-07` - `2022-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.adrun.ru E1	`2022-04-30` - `2022-07-29`	3 months	crt.sh
yandex.ru Yandex CA	`2022-02-17` - `2022-08-16`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-24` - `2023-02-24`	a year	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2022-02-05` - `2022-07-31`	6 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2021-12-10` - `2022-12-31`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://gdzwow.com/
Frame ID: 908C233C894D30E91B856DEEF7143456
Requests: 126 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html
Frame ID: 712FE0F411FEEF411E415FE202753893
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4135997202708750&output=html&adk=1812271804&adf=1573534164&lmt=1652521881&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgdzwow.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652521886077&bpp=17&bdt=4704&idt=568&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2723604641866&frm=20&pv=2&ga_vid=1599047954.1652521886&ga_sid=1652521887&ga_hid=1468149929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44762584%2C31065742%2C31067560%2C31067419%2C31067488&oid=2&pvsid=3693014854255696&pem=204&tmod=1527157441&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=716
Frame ID: 50D0B3725AAB8134268D1FA7D7AE0468
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9465790332962370&output=html&h=250&slotname=7997859961&adk=1651047503&adf=440221400&pi=t.ma~as.7997859961&w=300&lmt=1652521881&psa=0&format=300x250&url=https%3A%2F%2Fgdzwow.com%2F&alternate_ad_url=https%3A%2F%2Fcdn.adrun.ru%2Ffast%2Fgoogle_fallback.php%3Fblock%3D16-76&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652521887032&bpp=31&bdt=5659&idt=31&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2723604641866&frm=20&pv=2&ga_vid=1599047954.1652521886&ga_sid=1652521887&ga_hid=1468149929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=893&ady=3479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44762584%2C31065742%2C31067560%2C31067419%2C31067488&oid=2&pvsid=3693014854255696&pem=204&tmod=1527157441&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wCINtMzfxY&p=https%3A//gdzwow.com&dtd=73
Frame ID: 8D3135F95C50C220ABB16BE517D61101
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 89F2AF5367FDE570889F97EECD51CEEB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2575535F85CB14456D64A5DB45B99CA6
Requests: 2 HTTP requests in this frame

Frame: https://ad.mail.ru/dist/vkAuth.html
Frame ID: D215E52DB3AACA9D98FBFCF564E82BDF
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=9968618931729048&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ%3D%3D&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=4034815&jst=ai&crf=1
Frame ID: 2712D8429B723ED150427E52BBEF6972
Requests: 7 HTTP requests in this frame

Frame: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2669694173300954&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=580&h=400&s=3988109&jst=ai
Frame ID: D66C7267CA8FAA77DA6AFCC7DAB51742
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=6893180484092114&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=3987312&jst=ai
Frame ID: D0DD6268A378091DA137C873D798E297
Requests: 3 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a65ba0fd-282d-5386-ac12-59bcce6d221d&CACHEBUSTER=427288
Frame ID: BCDED51542668F84CFEE3E480BDA1D82
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=6075216362457858&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=4034816&jst=ai
Frame ID: E3845638C95159A6DF4E2FA108295DCB
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=8227616404719653&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=3987313&jst=ai
Frame ID: D6B141B2D85F3B540FA5964D53213543
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=3081537239607481.5&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=580&h=400&s=3988110&jst=ai
Frame ID: FB6625691E6BB194AD712C4946854466
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ГДЗ (решебники) для 1-11 классов по всем предметам - GDZwow

Page URL History Show full URLs

http://tuberculosis.ru/ HTTP 301
http://gdzwow.com/ HTTP 301
https://gdzwow.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

153
Requests

86 %
HTTPS

70 %
IPv6

26
Domains

33
Subdomains

27
IPs

4
Countries

2401 kB
Transfer

6831 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tuberculosis.ru/ HTTP 301
http://gdzwow.com/ HTTP 301
https://gdzwow.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9638.1eHQo3ISumWLHPsiiQWh0t1RnuAgq7NtgPVhHIFBykM3ILnbVoo1_RRK_MCcnqBp.ytKW_kbHhqHtiSWFVtS78-SEU0Q%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9638.NQbEZ7cRwuwfoNQWyiENWNLXdEqL_b_qcidVLByfWRQt_iCupKNFrIvLGdPTQUL-wAx0fovT3snn1yWZ_WX4w1Sxewq4Uitbu7QQZDpD9vc%2C.ltLQnrFcRf5gkTuxdnloqBQYPfM%2C

Request Chain 71

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034815&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034815&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 72

https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=9968618931729048&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=4034815&jst=ai HTTP 302
https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=9968618931729048&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ%3D%3D&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=4034815&jst=ai&crf=1

Request Chain 73

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/53878831 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/53878831

Request Chain 74

https://mc.yandex.com/watch/39977385?wmode=7&page-url=https%3A%2F%2Fgdzwow.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A4777%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A858685577777%3Ahid%3A564949233%3Az%3A0%3Ai%3A20220514095127%3Aet%3A1652521888%3Ac%3A1%3Arn%3A158006675%3Arqn%3A1%3Au%3A1652521888499376618%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652521878860%3Ads%3A0%2C273%2C142%2C367%2C2081%2C0%2C%2C653%2C0%2C6369%2C6369%2C11%2C3519%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652521889%3At%3A%D0%93%D0%94%D0%97%20(%D1%80%D0%B5%D1%88%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8)%20%D0%B4%D0%BB%D1%8F%201-11%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BE%D0%B2%20%D0%BF%D0%BE%20%D0%B2%D1%81%D0%B5%D0%BC%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B0%D0%BC%20-%20GDZwow&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/39977385/1?wmode=7&page-url=https%3A%2F%2Fgdzwow.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A4777%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A858685577777%3Ahid%3A564949233%3Az%3A0%3Ai%3A20220514095127%3Aet%3A1652521888%3Ac%3A1%3Arn%3A158006675%3Arqn%3A1%3Au%3A1652521888499376618%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652521878860%3Ads%3A0%2C273%2C142%2C367%2C2081%2C0%2C%2C653%2C0%2C6369%2C6369%2C11%2C3519%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652521889%3At%3A%D0%93%D0%94%D0%97%20%28%D1%80%D0%B5%D1%88%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%29%20%D0%B4%D0%BB%D1%8F%201-11%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BE%D0%B2%20%D0%BF%D0%BE%20%D0%B2%D1%81%D0%B5%D0%BC%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B0%D0%BC%20-%20GDZwow&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 83

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988109&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988109&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 86

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987312&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987312&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 107

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034816&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034816&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 120

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987313&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987313&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 123

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988110&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988110&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 137

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034817&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034817&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 146

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987314&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987314&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 152

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988111&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988111&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

153 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gdzwow.com/
Redirect Chain

http://tuberculosis.ru/
http://gdzwow.com/
https://gdzwow.com/

479 KB
99 KB

416ms
142ms

Document
text/html

89.108.93.146
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://gdzwow.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.108.93.146 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

gdz.com

Software

nginx /

Resource Hash

d3aaec308e098a6815af4f53a511e33fbd3e0c3cc2f406bd137b0e69dee634e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 14 May 2022 09:51:21 GMT
last-modified: Sat, 14 May 2022 09:51:21 GMT
server: nginx
strict-transport-security: max-age=63072000
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sat, 14 May 2022 09:51:20 GMT
Location: https://gdzwow.com/
Server: nginx
Strict-Transport-Security: max-age=63072000

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 73ms
26ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: gdzwow.com
URL: https://gdzwow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 625, 617, 617
age: 1241165
cdn-cachedat: 2021-04-29 19:29:25
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a08c09fb58de2dad864d0c79626d9ced
cf-ray: 70b2bc201d4ed157-BUF
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 136ms
39ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C700&display=swap

Requested by

Host: gdzwow.com
URL: https://gdzwow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

097b94827583da54a6882028055fd2604102bf5646b1209d22dc98ac2203d1ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 14 May 2022 09:51:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 14 May 2022 09:51:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 May 2022 09:51:21 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 104 KB
23 KB 422ms
133ms Script
application/x-javascript 87.240.139.194
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?168
Requested by: Host: gdzwow.com
URL: https://gdzwow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv194-139-240-87.vk.com
Software: kittenx /
Resource Hash: f036531b5f9e56993ce2f6c3677bb3b3734859f9747fca67a7095f25095330bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:22 GMT
content-encoding: br
x-frontend: front609307
last-modified: Tue, 15 Mar 2022 10:42:47 GMT
server: kittenx
etag: "62306da7-5b1b"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 23323
expires: Wed, 18 May 2022 09:51:22 GMT

GET
H2 200 fXrdlGgJ.js Show response
www.prbcdn.ru/pjs/ 33 KB
8 KB 948ms
120ms Script
application/javascript 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prbcdn.ru/pjs/fXrdlGgJ.js

Requested by

Host: gdzwow.com
URL: https://gdzwow.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

e8f341cc293a3d0b733387cfba00075878854f6dd9902998c40eeb87644ec5c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:22 GMT
content-encoding: br
last-modified: Thu, 07 Apr 2022 11:18:22 GMT
server: nginx
etag: W/"624ec87e-821e"
strict-transport-security: max-age=63072000
content-type: application/javascript
cache-control: max-age=600, public, must_revalidate
expires: Sat, 14 May 2022 10:01:22 GMT

GET
H2 200 gdzwow-logo.png
gdzwow.com/wp-content/uploads/2020/07/ 6 KB
4 KB 161ms
144ms Image
image/png 89.108.93.146
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdzwow.com/wp-content/uploads/2020/07/gdzwow-logo.png
Requested by: Host: gdzwow.com
URL: https://gdzwow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.93.146 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: gdz.com
Software: nginx /
Resource Hash: 89727219f4964bb6c6e8105136a1108259515d70dc5bcc5d2623c26a3dd953d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:22 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 02:49:58 GMT
server: nginx
etag: W/"5fcc46d6-1655"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazyload.min.js Show response
gdzwow.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 8 KB
3 KB 154ms
150ms Script
application/javascript 89.108.93.146
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gdzwow.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by: Host: gdzwow.com
URL: https://gdzwow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.93.146 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: gdz.com
Software: nginx /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:22 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 02:03:41 GMT
server: nginx
etag: W/"5fcc3bfd-1ed2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 359 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cbb565231612d7b5e2415d6e24372a9474106d7090a630a075bbbacecb1d727

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 969 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 401503518894f575673732c689a7885c78bb615900c0c3f726765eb4ce6aa799

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 290 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5aab9ecebd2bc2f003980fdde59b97aad0fd105312d99fa50fcab580099aaf3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 442 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17df1f2891553baf6c74c4eef8cd0dd9fb73a5669f9f89d67183a8bfe41acfd2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 626 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e9cca040634f071c068f7f483dfeef82d8589b4082c8cbdc5301951647ba71b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 544 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 255df06063ef8b4f994c1ae9d232d7c4f27c95b853a68fd9c03e31f4dd6b0031

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4192547933c47032776c86cc04805a86655e4580d0c82b46787a120fcd96c146

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ 24 KB
24 KB 131ms
63ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gdzwow.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:45:22 GMT
x-content-type-options: nosniff
age: 223560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 19:45:22 GMT

GET
H2 200 wpshop-core.ttf
gdzwow.com/wp-content/themes/reboot/assets/fonts/ 57 KB
26 KB 147ms
143ms Font
application/octet-stream 89.108.93.146
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://gdzwow.com/wp-content/themes/reboot/assets/fonts/wpshop-core.ttf?bz30xv

Requested by

Host: gdzwow.com
URL: https://gdzwow.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.108.93.146 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

gdz.com

Software

nginx /

Resource Hash

973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://gdzwow.com/
Origin: https://gdzwow.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:22 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 22:58:08 GMT
server: nginx
etag: W/"5efd1500-e52c"
vary: Accept-Encoding
content-type: application/octet-stream
strict-transport-security: max-age=63072000

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 85ms
23ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gdzwow.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:32:38 GMT
x-content-type-options: nosniff
age: 224324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 19:32:38 GMT

GET
H2 200 2-298x400.jpg
gdzwow.com/wp-content/uploads/2022/04/ 48 KB
32 KB 265ms
264ms Image
image/jpeg 89.108.93.146
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdzwow.com/wp-content/uploads/2022/04/2-298x400.jpg
Requested by: Host: gdzwow.com
URL: https://gdzwow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.93.146 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: gdz.com
Software: nginx /
Resource Hash: 26f01504c925dc2caacde71c78ec0cbbd0dbd510c0b3e483b754ffc9eb62e9d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:23 GMT
content-encoding: gzip
last-modified: Fri, 01 Apr 2022 10:55:46 GMT
server: nginx
etag: W/"6246da32-c0d4"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1-15-289x400.jpg
gdzwow.com/wp-content/uploads/2022/03/ 53 KB
36 KB 389ms
388ms Image
image/jpeg 89.108.93.146
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdzwow.com/wp-content/uploads/2022/03/1-15-289x400.jpg
Requested by: Host: gdzwow.com
URL: https://gdzwow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.93.146 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: gdz.com
Software: nginx /
Resource Hash: eafb477ee59ae3747d8b1b9d0e613b00b099238d9b2a847915edcc94cb5b053e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:23 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 11:26:08 GMT
server: nginx
etag: W/"62458fd0-d3cc"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1-14-283x400.jpg
gdzwow.com/wp-content/uploads/2022/03/ 43 KB
26 KB 386ms
385ms Image
image/jpeg 89.108.93.146
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdzwow.com/wp-content/uploads/2022/03/1-14-283x400.jpg
Requested by: Host: gdzwow.com
URL: https://gdzwow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.93.146 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: gdz.com
Software: nginx /
Resource Hash: df54da8bbf284d2dd660b1393cd4779514b3eb84842fa4dced2f6d113dfb9882

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:23 GMT
content-encoding: gzip
last-modified: Mon, 28 Mar 2022 13:57:35 GMT
server: nginx
etag: W/"6241becf-aac8"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1-13-294x400.jpg
gdzwow.com/wp-content/uploads/2022/03/ 47 KB
31 KB 501ms
500ms Image
image/jpeg 89.108.93.146
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdzwow.com/wp-content/uploads/2022/03/1-13-294x400.jpg
Requested by: Host: gdzwow.com
URL: https://gdzwow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.93.146 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: gdz.com
Software: nginx /
Resource Hash: 1d0e94cabe5929f27d3f5ae3455c69c01c6f28c49116ada02e245705b25549e6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:23 GMT
content-encoding: gzip
last-modified: Fri, 25 Mar 2022 14:12:20 GMT
server: nginx
etag: W/"623dcdc4-bdf5"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 autoptimize_a4cf94b43a54ec39e3e2cfcab7bc59ce.js Show response
gdzwow.com/wp-content/cache/autoptimize/js/ 361 KB
91 KB 365ms
364ms Script
application/javascript 89.108.93.146
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gdzwow.com/wp-content/cache/autoptimize/js/autoptimize_a4cf94b43a54ec39e3e2cfcab7bc59ce.js
Requested by: Host: gdzwow.com
URL: https://gdzwow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.93.146 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: gdz.com
Software: nginx /
Resource Hash: f587299c3ebd6ccab3ca19f9830d2d7c4390b826425a4dbc340885a86b4fccd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:23 GMT
content-encoding: gzip
last-modified: Fri, 15 Apr 2022 07:06:19 GMT
server: nginx
etag: W/"6259196b-5a436"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sfXrdlGgJ.js Show response
gdzwow.com/ 47 B
252 B 1458ms
1441ms XHR
application/javascript 89.108.93.146
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gdzwow.com/sfXrdlGgJ.js
Requested by: Host: www.prbcdn.ru
URL: https://www.prbcdn.ru/pjs/fXrdlGgJ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.93.146 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: gdz.com
Software: nginx /
Resource Hash: fe37438db4230a582b6342588d9d14957f1a52e60a4fab2e06a802c7dc387623

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:23 GMT
last-modified: Thu, 07 Apr 2022 11:21:14 GMT
server: nginx
etag: "624ec92a-2f"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 47
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie Show response
www.prbcdn.ru/ 2 B
178 B 123ms
83ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prbcdn.ru/cookie?sub_u=1

Requested by

Host: www.prbcdn.ru
URL: https://www.prbcdn.ru/pjs/fXrdlGgJ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://gdzwow.com
date: Sat, 14 May 2022 09:51:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 2
strict-transport-security: max-age=63072000
content-type: application/json

GET
H2 200 17e7g.min.js Show response
newrrb.bid/ 66 KB
20 KB 502ms
429ms Script
text/javascript 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/17e7g.min.js

Requested by

Host: gdzwow.com
URL: https://gdzwow.com/wp-content/cache/autoptimize/js/autoptimize_a4cf94b43a54ec39e3e2cfcab7bc59ce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a8e582ffaf88140ef253b6fc848ca9b50ad3a5f26f35e16791271bed5af1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
duration: 313577
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 14 May 2022 09:32:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uolv73uSpIf%2BR8XxvzbOnOcUlQVuldfjOppdO%2FL5ndKQhRnL7hjrsRVlNggviuVk4Nl%2FkrZy%2BkViORW5b8%2FKIhpp1b8B3asXcGJVUYr4Gc3X5r5wAvBlAy3t3FbegyLW8i8L%2BYAyy1Ht"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 70b2bc39a961333c-EWR
access-control-allow-headers: *
expires: Sat, 14-May-2022 12:56:25 EEST

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 158 KB
55 KB 141ms
71ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gdzwow.com
URL: https://gdzwow.com/wp-content/cache/autoptimize/js/autoptimize_a4cf94b43a54ec39e3e2cfcab7bc59ce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c8ed9e08ca56862a6e395bdad991fb93eadf2f7c7efba5009bc56991f751c3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56199
x-xss-protection: 0
server: cafe
etag: 18390084598518127630
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 14 May 2022 09:51:25 GMT

GET
H2 200 ssp.js Show response
cdn.adrun.ru/js/ 71 KB
27 KB 127ms
41ms Script
application/javascript 2606:4700:3035::6815:49ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adrun.ru/js/ssp.js
Requested by: Host: gdzwow.com
URL: https://gdzwow.com/wp-content/cache/autoptimize/js/autoptimize_a4cf94b43a54ec39e3e2cfcab7bc59ce.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:49ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 061cc7c5e62cb506fc7362df2dda3d4d08e60600df37bafa6c8cadc6332118b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10237
cf-polished: origSize=130102
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 08:13:54 GMT
server: cloudflare
etag: W/"6232edc2-1fc36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoeagK6X2lVym7zny56%2BWYMcW%2F1d9z%2BNdGnWEI0yifJPUSUdYb9d9X6RDrYtIFR2770HzF%2BpYl7ZQLC%2B0cJtQCDQmdv5KkoVsQStBwif2g7zEv9xPafD3z%2Bws67xFbhU1Abd8BG4Aj68qlA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 70b2bc39b9448cc6-EWR
cf-bgj: minify

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 285 KB
77 KB 1215ms
297ms Script
text/javascript 2a02:6b8:a::a

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: gdzwow.com
URL: https://gdzwow.com/wp-content/cache/autoptimize/js/autoptimize_a4cf94b43a54ec39e3e2cfcab7bc59ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a -, , ASN (),

Reverse DNS

Software

Resource Hash

d6c66886ea846fb0e16776e507be93f2b755d4571fd24ec0963c4c75c751bd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1652521886601089-13786072844603121348-sas2-0195-sas-l7-balancer-8080-BAL-2200
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 14 May 2022 10:51:26 GMT

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 126 KB
34 KB 1054ms
147ms Script
text/javascript 2a02:6b8:a::a

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: gdzwow.com
URL: https://gdzwow.com/wp-content/cache/autoptimize/js/autoptimize_a4cf94b43a54ec39e3e2cfcab7bc59ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a -, , ASN (),

Reverse DNS

Software

Resource Hash

bc2ed11cd0804ddda5b58c74ebfbb7ca05d7d11303a1808218289d78ca75ee99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1652521886601349-1579294909439394220-sas2-0195-sas-l7-balancer-8080-BAL-8597
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 14 May 2022 10:51:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 102ms
20ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gdzwow.com
URL: https://gdzwow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4051
date: Sat, 14 May 2022 08:43:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 14 May 2022 10:43:54 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 1346ms
437ms Script
application/javascript 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: gdzwow.com
URL: https://gdzwow.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

94bccc9b641ce0b4d8c6e0d75736d19c549ae58bf139e9d5ba5bfe8dad4a54cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:26 GMT
content-encoding: br
last-modified: Fri, 13 May 2022 14:20:22 GMT
etag: "627e3ef6-1149e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70814
expires: Sat, 14 May 2022 10:51:26 GMT

GET
H2 200 56.js Show response
cdn.adrun.ru/banner/16/ 1 KB
817 B 30ms
27ms Script
application/javascript 2606:4700:3035::6815:49ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adrun.ru/banner/16/56.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:49ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9b6441244044f23214a5268cb6bcc1bd5764f7447f17b3bdfd0fc0f0516ff84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1119
cf-polished: origSize=1982
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 03 Apr 2022 06:47:26 GMT
server: cloudflare
etag: W/"624942fe-7be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W73KO9BlkJlDtNrV1ohMFrQnCdIq0QLaakIqJdUf2RkfeIxqfFZtDZHjhLCCdMv160KzKRDsJwzBdtBAMHuQq1RCnn%2F5UZAKvxIW%2FgchWiCafixOc%2F2LYKB7uBG%2FwylFTU0lxExor5AJTWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 70b2bc3a39c08cc6-EWR
cf-bgj: minify

GET
H2 200 53.js Show response
cdn.adrun.ru/banner/16/ 3 KB
892 B 262ms
261ms Script
application/javascript 2606:4700:3035::6815:49ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adrun.ru/banner/16/53.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:49ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 875429c31138de40caff86fd861134835652e25daa7e05c231a53e8786c7a5de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 20 Apr 2022 09:42:44 GMT
server: cloudflare
etag: W/"625fd594-d96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5msU%2BCFlPWy2sZQcgHUigWNUG346%2FBLxB4rIGpxR7JRuJsF4qwVx1eLWTTA7ZTvGM7N8A4rdycmM2QsF2SdQ39clmYuJNqpXiM0jXq%2Bc2g8Wk8D6VJO08TE1XIiCkost4f5v8GL2UYfd2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70b2bc3a39c18cc6-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 114ms
44ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1468149929&t=pageview&_s=1&dl=https%3A%2F%2Fgdzwow.com%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%94%D0%97%20(%D1%80%D0%B5%D1%88%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8)%20%D0%B4%D0%BB%D1%8F%201-11%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BE%D0%B2%20%D0%BF%D0%BE%20%D0%B2%D1%81%D0%B5%D0%BC%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B0%D0%BC%20-%20GDZwow&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1438095784&gjid=1977883119&cid=1599047954.1652521886&tid=UA-85130323-1&_gid=1549186266.1652521886&_r=1&_slc=1&z=385844618

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gdzwow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gdzwow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/ 308 KB
110 KB 129ms
73ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js?bust=31067560

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64ea9358ff96c9a643d03a775d60ee31fb75defcfb3aa895cce0b9c905497ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112583
x-xss-protection: 0
server: cafe
etag: 11895136839884254125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 09:51:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/ Frame 712F 10 KB
5 KB 107ms
33ms Document
text/html 2607:f8b0:4006:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdzwow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 57175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 17:58:31 GMT
etag: 1428802124239944296
expires: Fri, 27 May 2022 17:58:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 googleban.js Show response
cdn.adrun.ru/banner/16/ 55 B
645 B 59ms
30ms Script
application/javascript 2606:4700:3035::6815:49ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adrun.ru/banner/16/googleban.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:49ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8ea4c562a82d1bd140caa9cf02c6991607f1ef044d9efb1dca965969f20d1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1131
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 30 Nov 2020 09:11:30 GMT
server: cloudflare
etag: W/"5fc4b742-37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeS6lxsqGVcq%2F3uHDyg3qfMsgdpfTcaGwiWBXaRTL2IVAwdijmUU3DKMO3U7uwX08O0XHc9QNtz8XMu2Zl8fCYGko4TUVY8U%2BlbvyFSssw8derzrBN0Bo9DyajIZl1%2F0puLPu%2BCxNDHtJs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 70b2bc3d8abc8c81-EWR
cf-bgj: minify

POST
H3 200 17e7g.json Show response
newrrb.bid/ 59 B
610 B 363ms
126ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/17e7g.json

Requested by

Host: newrrb.bid
URL: https://newrrb.bid/17e7g.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e2fa46aa1ae40be66edd3fde0d2e9e856adf47bfde7b7762f0d517ce9ed3b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://gdzwow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 14 May 2022 09:51:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90G1n2bMF9uo%2Fekigv92QJZPPRVJEcyB75vNGcfZhl9Rc92mcetLXOSYWrrRbzB2H%2FsPDhx%2Fr8Th4A5B1GQY83IuY4E1FmAXbSy9nP5UvIKCSx6OplZ3cQ2Nqww%2FD4dmnQe%2F7lrAqEZg"}],"group":"cf-nel","max_age":604800}
cf-ray: 70b2bc3ef9578c78-EWR
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 74.js Show response
cdn.adrun.ru/banner/16/ 2 KB
1 KB 52ms
50ms Script
application/javascript 2606:4700:3035::6815:49ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adrun.ru/banner/16/74.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:49ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a31bbc942c0e7769cba0c5457571b4afc1acc1bf1ca80d08919123412ef1c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1129
cf-polished: origSize=2788
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Apr 2021 16:23:59 GMT
server: cloudflare
etag: W/"6078689f-ae4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T31FehWexwJcACN98WivAtWKcL%2FKAK11WW%2FiL8Ia%2BB5HsSQjairVhcrRNZ4aIVdKAXHzExIcA6j6h%2BjAqjDmD%2Fu1y0lbWfZ%2FtHna7dpBwUu%2BOyMppJTxGHved4YejclBN6m683MOsJeaiz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 70b2bc3efcd38c81-EWR
cf-bgj: minify

GET
H3 200 75.js Show response
cdn.adrun.ru/banner/16/ 2 KB
1 KB 41ms
39ms Script
application/javascript 2606:4700:3035::6815:49ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adrun.ru/banner/16/75.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:49ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fd95d034a041153ba02ef2d40395419c8369ef8c32e84956ce46b5f0a7e950d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1129
cf-polished: origSize=2805
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Apr 2021 16:26:00 GMT
server: cloudflare
etag: W/"60786918-af5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQZNQZo%2FYDu7bmG3HGYTPrA8KV1ONA3aQtUipht5Rr%2FXblSEUaEnW%2Bdc292Sf49d6mYs%2Fa%2BxhHt1KtxT6IdR66KO9DVVDHtDPovmJh377kPOOiEIXtwKTeoB%2FLIXgq9BTqoDZarv3cKdORc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 70b2bc3efcd48c81-EWR
cf-bgj: minify

GET
H3 200 76.js Show response
cdn.adrun.ru/banner/16/ 2 KB
1 KB 49ms
47ms Script
application/javascript 2606:4700:3035::6815:49ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adrun.ru/banner/16/76.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:49ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eb28f4ca7bff36f2f08c9a029be92a6d4a8b3ed7fa6e8a7c547b85df0814a74

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1129
cf-polished: origSize=2805
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Apr 2021 16:27:49 GMT
server: cloudflare
etag: W/"60786985-af5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wk1rs1prxH7vNOoq0a2kY7l5ttIvnmS%2BndndE%2Bnj152RDYx%2B0guSw7ynIvI9qZKkfQL%2FHeb3okybIrxRJtVuaewzCbdvxt9gjjw7J5j6D4f2GoJ494JhrHmmVrm9ag5eg2Cajq5yJqkX8i8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 70b2bc3efcd78c81-EWR
cf-bgj: minify

GET
H/1.1 200
OK ads-async.js Show response
ad.mail.ru/static/ 185 KB
185 KB 658ms
280ms Script
application/javascript 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/ads-async.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ca1338d10dc789e3b29fcbfd1ee840acc8e6f7e17acf6197b0e0b2bcfb59a397

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 14 May 2022 09:51:27 GMT
Server: nginx
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 189564
Expires: Sat, 14 May 2022 10:01:27 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
643 B 122ms
52ms Script
text/javascript 142.250.72.98

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gdzwow.com&callback=_gfp_s_&client=ca-pub-4135997202708750

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js?bust=31067560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

574e3710ee272a152d8a56c721325879510d69b2828913b1b789382070e6ebc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 250ms
40ms Script
application/javascript 2607:f8b0:4006:80e::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gdzwow.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js?bust=31067560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 May 2022 09:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50D0 0
19 B 221ms
122ms Document
text/html 2607:f8b0:4006:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4135997202708750&output=html&adk=1812271804&adf=1573534164&lmt=1652521881&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgdzwow.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652521886077&bpp=17&bdt=4704&idt=568&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2723604641866&frm=20&pv=2&ga_vid=1599047954.1652521886&ga_sid=1652521887&ga_hid=1468149929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44762584%2C31065742%2C31067560%2C31067419%2C31067488&oid=2&pvsid=3693014854255696&pem=204&tmod=1527157441&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=716

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js?bust=31067560

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdzwow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 May 2022 09:51:27 GMT
expires: Sat, 14 May 2022 09:51:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 147ms
55ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220511&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js?bust=31067560

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71df7ed7e49fcd20c1ec11605e88b7fb5cb19d77ededff75623b5551d629efee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 May 2022 09:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10541
x-xss-protection: 0

POST
H3 200 17e7g.json Show response
newrrb.bid/ 59 B
574 B 165ms
142ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/17e7g.json

Requested by

Host: newrrb.bid
URL: https://newrrb.bid/17e7g.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7fd75cb56e9e1c9cc864aa1fb8cf3e30cfe6db73188534164c4e3c3c7317dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://gdzwow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 14 May 2022 09:51:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8L%2FDVx1qKtXZGyBwCE%2BOO0C22ojlfUYQhTd7lh59odzeljfhrEkmSU2wNcX6rI9Ce5MWvq5Z%2BnfuUt0XsZeUl1%2B%2FwgNRxd0hiPhPbtzNsWghr7zOgHIBlrCuVuKDecnnLrzbhKqiIpES"}],"group":"cf-nel","max_age":604800}
cf-ray: 70b2bc412b9d8c78-EWR
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
55 KB 52ms
45ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6488191624265511

Requested by

Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

020312d42b9b9576b1dd5b885345a6e457860e9e945c46a2b1a1155916f08aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56079
x-xss-protection: 0
server: cafe
etag: 3709838202307955749
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 14 May 2022 09:51:27 GMT

GET
H3 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8D31 603 B
68 B 58ms
57ms Document
text/html 2607:f8b0:4006:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9465790332962370&output=html&h=250&slotname=7997859961&adk=1651047503&adf=440221400&pi=t.ma~as.7997859961&w=300&lmt=1652521881&psa=0&format=300x250&url=https%3A%2F%2Fgdzwow.com%2F&alternate_ad_url=https%3A%2F%2Fcdn.adrun.ru%2Ffast%2Fgoogle_fallback.php%3Fblock%3D16-76&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652521887032&bpp=31&bdt=5659&idt=31&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2723604641866&frm=20&pv=2&ga_vid=1599047954.1652521886&ga_sid=1652521887&ga_hid=1468149929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=893&ady=3479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44762584%2C31065742%2C31067560%2C31067419%2C31067488&oid=2&pvsid=3693014854255696&pem=204&tmod=1527157441&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wCINtMzfxY&p=https%3A//gdzwow.com&dtd=73

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js?bust=31067560

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdzwow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 May 2022 09:51:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 167ms
64ms Script
text/javascript 2607:f8b0:4006:822::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js?bust=31067560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 14 May 2022 09:51:27 GMT

GET
H2 200 4034815.js Show response
cache.betweendigital.com/sections/2/ 8 KB
3 KB 765ms
59ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/4034815.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 38f0ec848584602b717ea30c0776284c7373ef4e7021f63176ed426c02b887b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:27 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 10:38:01 GMT
server: nginx
etag: W/"60265a89-2199"
content-type: application/javascript
x-cdn-edge-id: 119
x-cdn-request-id: 921c592d94e923e31678160905c7a8cf
x-cdn-edge-cache: HIT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 88 B
369 B 671ms
307ms XHR
application/json 2a02:6b8::16b

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b -, , ASN (),

Reverse DNS

Software

Resource Hash

612a5a6bca563d31bd35b2fc90e19b4e59df10cb295bc14f9bd8a20c2f5a3b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://gdzwow.com
date: Sat, 14 May 2022 09:51:27 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 88
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 ce396654a35dec2ccbb8.js Show response
yastatic.net/partner-code-bundles/581091/ 13 KB
5 KB 550ms
161ms Script
text/javascript 2a02:6b8:20::215

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/581091/ce396654a35dec2ccbb8.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

75da372208d55f2f9bbf6cfab060940721de74ffbe4b93bacd0e9754331c6588

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gdzwow.com/
Origin: https://gdzwow.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:27 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4472
last-modified: Thu, 12 May 2022 16:01:59 GMT
server: nginx/1.17.9
etag: "cba1927a4f859b3a9f5ed26f6e063671"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 May 2052 16:24:43 GMT

GET
H2 200 3abd58a493763516ae69.js Show response
yastatic.net/partner-code-bundles/581091/ 89 KB
19 KB 649ms
272ms Script
text/javascript 2a02:6b8:20::215

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/581091/3abd58a493763516ae69.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9fb94122ebb2bb5b1d36c6cb8842202dfd78e7c988e730471626ad1ce720f2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gdzwow.com/
Origin: https://gdzwow.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:27 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18859
last-modified: Thu, 12 May 2022 16:01:59 GMT
server: nginx/1.17.9
etag: "d7d22a7ec50ca707e1b221ee09481f84"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 May 2052 16:24:43 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 701ms
327ms Script
text/javascript 2a02:6b8:20::215

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gdzwow.com/
Origin: https://gdzwow.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:27 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 May 2052 16:24:29 GMT

GET
H2 200 11d88222b88e1d5475cd.js
yastatic.net/partner-code-bundles/581091/ 847 KB
135 KB 740ms
378ms Script
text/javascript 2a02:6b8:20::215

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/581091/11d88222b88e1d5475cd.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gdzwow.com/
Origin: https://gdzwow.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:27 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 137067
last-modified: Thu, 12 May 2022 16:01:58 GMT
server: nginx/1.17.9
etag: "14b6a8d7e236264e9423d3950f3cf90a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 May 2052 16:24:43 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9638.1eHQo3ISumWLHPsiiQWh0t1RnuAgq7NtgPVhHIFBykM3ILnbVoo1_RRK_MCcnqBp.ytKW_kbHhqHtiSWFVtS78-SEU0Q%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9638.NQbEZ7cRwuwfoNQWyiENWNLXdEqL_b_qcidVLByfWRQt_iCupKNFrIvLGdPTQUL-wAx0fovT3snn1yWZ_WX4w1Sxewq4Uitbu7QQZDpD9vc%2C.ltLQnrFcRf5gkTuxdnloqBQYPfM%2C

43 B
333 B

169ms
166ms

Image
image/gif

2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9638.NQbEZ7cRwuwfoNQWyiENWNLXdEqL_b_qcidVLByfWRQt_iCupKNFrIvLGdPTQUL-wAx0fovT3snn1yWZ_WX4w1Sxewq4Uitbu7QQZDpD9vc%2C.ltLQnrFcRf5gkTuxdnloqBQYPfM%2C

Protocol

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:28 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9638.NQbEZ7cRwuwfoNQWyiENWNLXdEqL_b_qcidVLByfWRQt_iCupKNFrIvLGdPTQUL-wAx0fovT3snn1yWZ_WX4w1Sxewq4Uitbu7QQZDpD9vc%2C.ltLQnrFcRf5gkTuxdnloqBQYPfM%2C
date: Sat, 14 May 2022 09:51:28 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 89F2 13 KB
5 KB 129ms
25ms Document
text/html 2607:f8b0:4006:822::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdzwow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 32330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 14 May 2022 00:52:37 GMT
expires: Sun, 14 May 2023 00:52:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2575 783 B
1 KB 190ms
28ms Document
text/html 2607:f8b0:4006:80f::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

4233a9488496b89f58ecb422085230289c03c678aa22f96ad51e16e63e7bf8da

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yjYkPXs311SulSkFKHmE0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gdzwow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-yjYkPXs311SulSkFKHmE0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 14 May 2022 09:51:27 GMT
expires: Sat, 14 May 2022 09:51:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 181ms
139ms Image
image/gif 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:27 GMT
last-modified: Fri, 13 May 2022 14:20:22 GMT
etag: "627e3ef6-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 14 May 2022 10:51:27 GMT

GET
H/1.1 200
OK vkAuth.html
ad.mail.ru/dist/ Frame D215 523 B
802 B 182ms
150ms Document
text/html 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/dist/vkAuth.html
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://gdzwow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 523
Content-Type: text/html;charset=UTF-8
Date: Sat, 14 May 2022 09:51:28 GMT
Expires: Sat, 14 May 2022 10:01:28 GMT
Server: nginx
Timing-Allow-Origin: *

GET
H/1.1 200
OK /
ad.mail.ru/adq/ 305 B
613 B 377ms
168ms Script
application/x-javascript 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?callback=mailru_ad1652521887851&q=850435&vk=0&_=829887624
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 14 May 2022 09:51:28 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *

POST
H/1.1 204
No Content /
ad.mail.ru/web/adcontext/ 0
0 459ms
146ms Fetch 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/web/adcontext/
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://gdzwow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Connection: keep-alive
Date: Sat, 14 May 2022 09:51:28 GMT
Server: nginx

GET
H2 200 33fa619db0cc533e12a2.js
yastatic.net/partner-code-bundles/581091/ 37 KB
10 KB 293ms
254ms Script
text/javascript 2a02:6b8:20::215

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/581091/33fa619db0cc533e12a2.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gdzwow.com/
Origin: https://gdzwow.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:28 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10052
last-modified: Thu, 12 May 2022 16:01:59 GMT
server: nginx/1.17.9
etag: "e20253d5338ef83264ef90b838d3b9a3"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 May 2052 16:24:01 GMT

GET
H2 200 async_rtb.js
cache.betweendigital.com/code/ 302 KB
83 KB 139ms
119ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/4034815.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:28 GMT
content-encoding: gzip
x-cdn-edge-id: 119
server: nginx
etag: W/"6258191c-4b9aa"
content-type: application/javascript
cache-control: public, max-age=900, immutable
last-modified: Thu, 14 Apr 2022 12:52:44 GMT
x-cdn-request-id: 46c0a92233a69dd0b07fc9c8dd42cd8e
x-cdn-edge-cache: HIT

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ 43 B
243 B 257ms
253ms Image
image/gif 151.236.127.145

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:28 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
etag: "5d9caac5-2b"
content-type: image/gif
x-cdn-edge-id: 119
content-length: 43
accept-ranges: bytes
x-cdn-request-id: ad305e253546c25741b500a54d491c8c
x-cdn-edge-cache: HIT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2575 0
0 97ms
96ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220511&jk=3693014854255696&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 89F2 35 KB
13 KB 46ms
36ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:27:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 321844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13618
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 May 2023 16:27:24 GMT

GET
H3 200 openapi.js
vk.com/js/api/ Frame D215 104 KB
23 KB 422ms
136ms Script
application/x-javascript 87.240.139.194
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?169
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv194-139-240-87.vk.com
Software: kittenx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:28 GMT
content-encoding: br
x-frontend: front609307
last-modified: Tue, 15 Mar 2022 10:42:47 GMT
server: kittenx
etag: "62306da7-5b1b"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 23323
expires: Wed, 18 May 2022 09:51:28 GMT

GET
H/1.1 200
OK /
ad.mail.ru/adq/ 305 B
613 B 173ms
165ms Script
application/x-javascript 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?callback=mailru_ad1652521887851&q=849919&vk=0&_=73173784
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 14 May 2022 09:51:28 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *

POST
H/1.1 204
No Content /
ad.mail.ru/web/adcontext/ 0
0 149ms
148ms Fetch 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/web/adcontext/
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://gdzwow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Connection: keep-alive
Date: Sat, 14 May 2022 09:51:28 GMT
Server: nginx

GET
H2 200 3988109.js
cache.betweendigital.com/sections/2/ 8 KB
3 KB 108ms
106ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/3988109.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:28 GMT
content-encoding: gzip
last-modified: Thu, 26 Nov 2020 10:12:01 GMT
server: nginx
etag: W/"5fbf7f71-2199"
content-type: application/javascript
x-cdn-edge-id: 119
x-cdn-request-id: 30a073f87589c891e05664de3dcd06c3
x-cdn-edge-cache: HIT

GET
H2

200

fltiukqt.js
pixel.yabidos.com/
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034815&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034815&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

31ms
24ms

Script
application/javascript

104.16.200.58

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034815&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Server: 104.16.200.58 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 22:52:11 GMT
server: cloudflare
age: 3401
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc515c9817b1-EWR
content-length: 1597
expires: Sat, 14 May 2022 11:51:29 GMT

Redirect headers

date: Sat, 14 May 2022 09:51:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034815&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 70b2bc50fc5017b1-EWR
expires: Sat, 14 May 2022 10:51:29 GMT

GET
H2

200

adi
ads.betweendigital.com/ Frame 2712
Redirect Chain

https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=9968618931729048&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=4034815&jst=ai
https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=9968618931729048&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ%3D%3D&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=4034815&jst=ai&crf=1

2 KB
1 KB

61ms
60ms

Document
text/html

96.46.183.20

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=9968618931729048&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ%3D%3D&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=4034815&jst=ai&crf=1
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gdzwow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: /adi?frl=0&pos=btf&tz=0&fl=0&ord=9968618931729048&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ%3D%3D&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=4034815&jst=ai&crf=1

GET
H2

200

53878831
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/53878831
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/53878831

43 B
297 B

148ms
146ms

Image
image/gif

2001:6d0:4001::226

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/53878831
Protocol: H2
Server: 2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:29 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:29 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/53878831
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

1
mc.yandex.com/watch/39977385/
Redirect Chain

https://mc.yandex.com/watch/39977385?wmode=7&page-url=https%3A%2F%2Fgdzwow.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A4777%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.com/watch/39977385/1?wmode=7&page-url=https%3A%2F%2Fgdzwow.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A4777%3Afu%3A0%3Aen%3Autf-8%3Ala%...

357 B
835 B

186ms
169ms

XHR
application/json

2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/39977385/1?wmode=7&page-url=https%3A%2F%2Fgdzwow.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A4777%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A858685577777%3Ahid%3A564949233%3Az%3A0%3Ai%3A20220514095127%3Aet%3A1652521888%3Ac%3A1%3Arn%3A158006675%3Arqn%3A1%3Au%3A1652521888499376618%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652521878860%3Ads%3A0%2C273%2C142%2C367%2C2081%2C0%2C%2C653%2C0%2C6369%2C6369%2C11%2C3519%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652521889%3At%3A%D0%93%D0%94%D0%97%20%28%D1%80%D0%B5%D1%88%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%29%20%D0%B4%D0%BB%D1%8F%201-11%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BE%D0%B2%20%D0%BF%D0%BE%20%D0%B2%D1%81%D0%B5%D0%BC%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B0%D0%BC%20-%20GDZwow&t=gdpr%2814%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:29 GMT
x-content-type-options: nosniff
last-modified: Sat, 14-May-2022 09:51:29 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gdzwow.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Sat, 14-May-2022 09:51:29 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:28 GMT
last-modified: Sat, 14-May-2022 09:51:28 GMT
location: /watch/39977385/1?wmode=7&page-url=https%3A%2F%2Fgdzwow.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A4777%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A858685577777%3Ahid%3A564949233%3Az%3A0%3Ai%3A20220514095127%3Aet%3A1652521888%3Ac%3A1%3Arn%3A158006675%3Arqn%3A1%3Au%3A1652521888499376618%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652521878860%3Ads%3A0%2C273%2C142%2C367%2C2081%2C0%2C%2C653%2C0%2C6369%2C6369%2C11%2C3519%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652521889%3At%3A%D0%93%D0%94%D0%97%20%28%D1%80%D0%B5%D1%88%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%29%20%D0%B4%D0%BB%D1%8F%201-11%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BE%D0%B2%20%D0%BF%D0%BE%20%D0%B2%D1%81%D0%B5%D0%BC%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B0%D0%BC%20-%20GDZwow&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://gdzwow.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 14-May-2022 09:51:28 GMT

GET
H2 200 3987312.js
cache.betweendigital.com/sections/2/ 8 KB
3 KB 96ms
95ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/3987312.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:28 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 11:44:02 GMT
server: nginx
etag: W/"5fbe4382-2199"
content-type: application/javascript
x-cdn-edge-id: 119
x-cdn-request-id: bfe04fc80378fe707fc9e31773ccc166
x-cdn-edge-cache: HIT

GET
H2 200 /
login.vk.com/ Frame D215 27 B
810 B 853ms
134ms XHR
text/html 87.240.129.181

General

Check archive.org

Show headers Download Go to

Full URL

https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1

Requested by

Host: vk.com
URL: https://vk.com/js/api/openapi.js?169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.129.181 -, , ASN (),

Reverse DNS

Software

kittenx / KPHP/7.4.111096

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:29 GMT
content-encoding: gzip
server: kittenx
x-powered-by: KPHP/7.4.111096
strict-transport-security: max-age=15768000
access-control-allow-methods: GET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://ad.mail.ru
cache-control: no-store
access-control-allow-credentials: true
content-type: text/html; charset=windows-1251
content-length: 41

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 89F2 0
9 B 26ms
26ms Image
text/plain 2607:f8b0:4006:822::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4Dp0qw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2001 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ 43 B
242 B 96ms
95ms Image
image/gif 151.236.127.145

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3988109.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:29 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
etag: "5d9caac5-2b"
content-type: image/gif
x-cdn-edge-id: 119
content-length: 43
accept-ranges: bytes
x-cdn-request-id: 0a00cb4fc3edcad688b5e4bbf0c0a712
x-cdn-edge-cache: HIT

GET
H2 200 async_rtb.js
cache.betweendigital.com/code/ 302 KB
83 KB 106ms
105ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3988109.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:29 GMT
content-encoding: gzip
x-cdn-edge-id: 119
server: nginx
etag: W/"6258191c-4b9aa"
content-type: application/javascript
cache-control: public, max-age=900, immutable
last-modified: Thu, 14 Apr 2022 12:52:44 GMT
x-cdn-request-id: ed40258d5ba24db252317a9ed781acfb
x-cdn-edge-cache: HIT

GET
H2 200 impimg.gif
pre.glotgrx.com/ 26 B
299 B 169ms
63ms Image
image/gif 2606:4700::6810:78c3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/impimg.gif?cb=1652521889518&qid=53532313f523632313f5436393&cid=964&s=https://gdzwow.com&p=BX&x=&adtg=4034815&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.64%20Safari/537.36&ai=&flsrc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:78c3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:29 GMT
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 17:13:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc5238b2d15f-BUF
content-length: 26
expires: Sat, 14 May 2022 11:51:29 GMT

GET
H2 200 sspmatch-js
lbs-us-east1.ads.betweendigital.com/ Frame 2712 970 B
1 KB 67ms
55ms Script
text/javascript 96.46.183.20

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs-us-east1.ads.betweendigital.com/sspmatch-js?randsalt=500168&p=43425&gdpr=0&consent=
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=9968618931729048&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ%3D%3D&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=4034815&jst=ai&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 970
content-type: text/javascript

GET
H2 200 pmListener.js
cache.betweendigital.com/ Frame 2712 3 KB
1 KB 119ms
118ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/pmListener.js
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=9968618931729048&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ%3D%3D&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=4034815&jst=ai&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:29 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 14:20:14 GMT
server: nginx
etag: W/"601ab11e-caf"
content-type: application/javascript
x-cdn-edge-id: 119
x-cdn-request-id: 5da906064a9246ed7b33388dbbc68a79
x-cdn-edge-cache: HIT

GET
H2

200

fltiukqt.js
pixel.yabidos.com/
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988109&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988109&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

33ms
27ms

Script
application/javascript

104.16.200.58

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988109&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Server: 104.16.200.58 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 22:52:11 GMT
server: cloudflare
age: 3402
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc54ef9717b1-EWR
content-length: 1597
expires: Sat, 14 May 2022 11:51:30 GMT

Redirect headers

date: Sat, 14 May 2022 09:51:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988109&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 70b2bc53bec917b1-EWR
expires: Sat, 14 May 2022 10:51:29 GMT

GET
H2 200 adi
ads.betweendigital.com/ Frame D66C 2 KB
1 KB 83ms
66ms Document
text/html 96.46.183.20

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2669694173300954&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=580&h=400&s=3988109&jst=ai
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gdzwow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
vary: Accept-Encoding

GET
H2 200 62919123
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ 43 B
415 B 149ms
136ms Image
image/gif 2001:6d0:4001::226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/62919123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 -, , ASN (),

Reverse DNS

Software

ms-counter-3.3.5/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:30 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

fltiukqt.js
pixel.yabidos.com/
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987312&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987312&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

28ms
28ms

Script
application/javascript

104.16.200.58

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987312&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Server: 104.16.200.58 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 22:52:11 GMT
server: cloudflare
age: 3402
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc54ef9817b1-EWR
content-length: 1597
expires: Sat, 14 May 2022 11:51:30 GMT

Redirect headers

date: Sat, 14 May 2022 09:51:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987312&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 70b2bc544f3917b1-EWR
expires: Sat, 14 May 2022 10:51:29 GMT

GET
H2 200 adi
ads.betweendigital.com/ Frame D0DD 2 KB
1 KB 102ms
60ms Document
text/html 96.46.183.20

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=6893180484092114&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=3987312&jst=ai
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gdzwow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
vary: Accept-Encoding

GET
H2 200 70519130
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ 43 B
415 B 158ms
126ms Image
image/gif 2001:6d0:4001::226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/70519130

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 -, , ASN (),

Reverse DNS

Software

ms-counter-3.3.5/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:30 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET bidder_18.html
cache.betweendigital.com/code/ Frame BCDE 0
0

GET sync
x.bidswitch.net/ Frame 2712 0
0

GET pixel
mitdmp.whiteboxdigital.ru/ Frame 2712 0
0

GET btw
sync.dmp.otm-r.com/match/ Frame 2712 0
0

GET btw
px.adhigh.net/p/cm/ Frame 2712 0
0

GET
H2 200 4034816.js
cache.betweendigital.com/sections/2/ 8 KB
3 KB 117ms
116ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/4034816.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:30 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 10:38:01 GMT
server: nginx
etag: W/"60265a89-2199"
content-type: application/javascript
x-cdn-edge-id: 119
x-cdn-request-id: c9b2073278a7f544ef935bd4a8351063
x-cdn-edge-cache: HIT

GET
H2 200 sspmatch-js
lbs-us-east1.ads.betweendigital.com/ Frame D66C 0
78 B 32ms
31ms Script
text/javascript 96.46.183.20

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs-us-east1.ads.betweendigital.com/sspmatch-js?randsalt=472047&p=43425&gdpr=0&consent=
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2669694173300954&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=580&h=400&s=3988109&jst=ai
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: text/javascript

GET
H2 200 pmListener.js
cache.betweendigital.com/ Frame D66C 3 KB
1 KB 97ms
97ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/pmListener.js
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2669694173300954&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=580&h=400&s=3988109&jst=ai
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:30 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 14:20:14 GMT
server: nginx
etag: W/"601ab11e-caf"
content-type: application/javascript
x-cdn-edge-id: 119
x-cdn-request-id: 2a258e62489c67df8a4feb1ae1f513c2
x-cdn-edge-cache: HIT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 143ms
135ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220511&jk=3693014854255696&bg=!eXqlej7NAAZL3OSAa9w7ACkAdvg8Wv_GNIHZRMc4pZorSkHATleJXUAIEdncG_DQ0cTcJUJNee5wgQIAAAPjUgAAADxoAQcKAMI8oLzpb8UmDAYziGFwoOPOso7nRO51Mjit9y4qpxInB2tVAFCqxT-wMkQNZkpYkSbGdGs5akgrfqsSVeha7ECj-DwAj00qR5uhr-PYQQ9KTMh0QaksBYdXgt6zgTLKKoKqqHFbrZnInK3tufiiCFQ_8rpyJCMhieyVCSHPN0IXYMnb2IoANPtI5Vr1hhdhURHuRgA7VzppC-SIkHejK1OfnFEsknnkIX3V5DBEleUKcuIHMonXnUmta7TYVFv2TUTuS5kCmGFTfkOPUGzdQf7uYXqYMuJYPPOhuz_DByzywNKYu3Sc_42WpIbn8fOzgdJt3gCfaxVyKhWuCrOiW10eVttJPHIs3PNhMgqTnztbh6sOx0OLEwN88ZH_rBdbxCQqf2R-q5ogrBAkQHFDu1fKWP2-7k5b1PXFsyKuELkYneW8zt0OF2DNlsIbHUhA9Kex9uC3dZT-F-YhmqvfyaQ1NbawCeVLhxinYjGVtP_GSjcs_CHgmJsHVtWSEkOqhJSe9kcUIWdtQfDqNjF3Rd4_LD0D556gyBtDNNsaPNL2fnjvZiQhieRK8wnHMS9De-OO1_StxMeD_kPVc9cHQchwNytJbqZ5O8Gbt91o0bxCI6od-8JQgDQAtTjkTsHM8rvFi7kI8z4Aw26pOhjgi8aaGYlL3R-oMnJNjMFhJ61YxfGr6abSThxQyI0JoqQMzP9R_y_bhp0p2gb7OBZCTScrddVGSvhlev6JWjq-7ceX4gcXpuw1xduze-HXFMfu7UrBlondp3iHCfUDI5ZPjYVLPU-LBcsKSrA6F1vgjMM8jfS_3jsBljZEc6X4zHd8NyKfSe4S8NmPPQcBkdKPNGBBI0EkUFXfvVXoU4onHnOrRRjxr3CUqjEBmi78csUm9JJRX26R98BnDm8bBAzdtjrZ0XksEtxu7CGCu1GofZj_aLleB2X-bQhoISSdkWi6uYb8M-Nx1zrL1bMDa9rn_SRp5_SDkkRDFlyiDNZJBr1EITsV5b7ahTYCjYK46Yc-ng52Dfj8XpALp8zZratUTSb9JF8mOPpcfA4TCf0AeY9kJ-ifuJR_Y9eaHWgl9du26AB_olavp35VZMlbtnFY4tI3cgCrdTtdWyTz3cV5pAsyKx-PO1LyKRBnydKtEbM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 sspmatch-js
lbs-us-east1.ads.betweendigital.com/ Frame D0DD 0
78 B 45ms
36ms Script
text/javascript 96.46.183.20

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs-us-east1.ads.betweendigital.com/sspmatch-js?randsalt=959485&p=43425&gdpr=0&consent=
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=6893180484092114&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=3987312&jst=ai
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: text/javascript

GET
H2 200 pmListener.js
cache.betweendigital.com/ Frame D0DD 3 KB
1 KB 136ms
129ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/pmListener.js
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=6893180484092114&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=3987312&jst=ai
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:30 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 14:20:14 GMT
server: nginx
etag: W/"601ab11e-caf"
content-type: application/javascript
x-cdn-edge-id: 119
x-cdn-request-id: ac4d4d61633b6e1536a44b2e76662796
x-cdn-edge-cache: HIT

GET
H2 200 impimg.gif
pre.glotgrx.com/ 26 B
84 B 38ms
23ms Image
image/gif 2606:4700::6810:78c3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/impimg.gif?cb=1652521890407&qid=53532313f523632313f5436393&cid=964&s=https://gdzwow.com&p=BX&x=&adtg=3988109&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.64%20Safari/537.36&ai=&flsrc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:78c3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:30 GMT
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 17:13:28 GMT
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc574b96d15f-BUF
content-length: 26
expires: Sat, 14 May 2022 11:51:30 GMT

GET
H2 200 impimg.gif
pre.glotgrx.com/ 26 B
132 B 35ms
21ms Image
image/gif 2606:4700::6810:78c3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/impimg.gif?cb=1652521890409&qid=53532313f523632313f5436393&cid=964&s=https://gdzwow.com&p=BX&x=&adtg=3987312&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.64%20Safari/537.36&ai=&flsrc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:78c3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:30 GMT
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 17:13:28 GMT
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc574b99d15f-BUF
content-length: 26
expires: Sat, 14 May 2022 11:51:30 GMT

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ 43 B
244 B 97ms
97ms Image
image/gif 151.236.127.145

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/4034816.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:30 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
etag: "5d9caac5-2b"
content-type: image/gif
x-cdn-edge-id: 119
content-length: 43
accept-ranges: bytes
x-cdn-request-id: 36ffdd43d6c88b40ad54aa34a4683550
x-cdn-edge-cache: HIT

GET
H2 200 async_rtb.js
cache.betweendigital.com/code/ 302 KB
83 KB 100ms
100ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/4034816.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:30 GMT
content-encoding: gzip
x-cdn-edge-id: 119
server: nginx
etag: W/"6258191c-4b9aa"
content-type: application/javascript
cache-control: public, max-age=900, immutable
last-modified: Thu, 14 Apr 2022 12:52:44 GMT
x-cdn-request-id: 1ad82f23bb448662654fd76736617172
x-cdn-edge-cache: HIT

GET
H/1.1 200
OK ads-async.js
ad.mail.ru/static/ 185 KB
185 KB 156ms
156ms Script
application/javascript 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/ads-async.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 14 May 2022 09:51:30 GMT
Server: nginx
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 189564
Expires: Sat, 14 May 2022 10:01:30 GMT

GET
H/1.1 200
OK /
ad.mail.ru/adq/ 305 B
614 B 154ms
154ms Script
application/x-javascript 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?callback=mailru_ad1652521887851&q=850437&vk=0&_=919093014
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 14 May 2022 09:51:30 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *

POST
H/1.1 204
No Content /
ad.mail.ru/web/adcontext/ 0
0 147ms
146ms Fetch 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/web/adcontext/
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://gdzwow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Connection: keep-alive
Date: Sat, 14 May 2022 09:51:30 GMT
Server: nginx

GET
H2

200

fltiukqt.js
pixel.yabidos.com/
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034816&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034816&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

26ms
25ms

Script
application/javascript

104.16.200.58

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034816&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Server: 104.16.200.58 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 22:52:11 GMT
server: cloudflare
age: 3403
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc5adbeb17b1-EWR
content-length: 1597
expires: Sat, 14 May 2022 11:51:31 GMT

Redirect headers

date: Sat, 14 May 2022 09:51:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034816&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 70b2bc589a0a17b1-EWR
expires: Sat, 14 May 2022 10:51:30 GMT

GET
H2 200 adi
ads.betweendigital.com/ Frame E384 2 KB
1 KB 69ms
69ms Document
text/html 96.46.183.20

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=6075216362457858&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=4034816&jst=ai
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gdzwow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
vary: Accept-Encoding

GET
H2 200 17001426
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ 43 B
415 B 142ms
141ms Image
image/gif 2001:6d0:4001::226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/17001426

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 -, , ASN (),

Reverse DNS

Software

ms-counter-3.3.5/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:30 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK /
ad.mail.ru/adq/ 305 B
614 B 153ms
151ms Script
application/x-javascript 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?callback=mailru_ad1652521887851&q=849921&vk=0&_=408909902
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 14 May 2022 09:51:30 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *

POST
H/1.1 204
No Content /
ad.mail.ru/web/adcontext/ 0
0 146ms
146ms Fetch 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/web/adcontext/
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://gdzwow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Connection: keep-alive
Date: Sat, 14 May 2022 09:51:30 GMT
Server: nginx

GET
H2 200 3988110.js
cache.betweendigital.com/sections/2/ 8 KB
3 KB 130ms
103ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/3988110.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:30 GMT
content-encoding: gzip
last-modified: Thu, 26 Nov 2020 10:12:01 GMT
server: nginx
etag: W/"5fbf7f71-2199"
content-type: application/javascript
x-cdn-edge-id: 119
x-cdn-request-id: 7a8f7a4f95238bf395ff33d19411d377
x-cdn-edge-cache: HIT

GET
H2 200 3987313.js
cache.betweendigital.com/sections/2/ 8 KB
3 KB 95ms
95ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/3987313.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 11:44:02 GMT
server: nginx
etag: W/"5fbe4382-2199"
content-type: application/javascript
x-cdn-edge-id: 119
x-cdn-request-id: a68a0cc4eabfd9df96fcfeeed4fd1c12
x-cdn-edge-cache: HIT

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ 43 B
243 B 94ms
93ms Image
image/gif 151.236.127.145

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3988110.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
etag: "5d9caac5-2b"
content-type: image/gif
x-cdn-edge-id: 119
content-length: 43
accept-ranges: bytes
x-cdn-request-id: 22f388abe76d1fb0edaf392b67e0ebdd
x-cdn-edge-cache: HIT

GET
H2 200 async_rtb.js
cache.betweendigital.com/code/ 302 KB
83 KB 135ms
99ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3988110.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
content-encoding: gzip
x-cdn-edge-id: 119
server: nginx
etag: W/"6258191c-4b9aa"
content-type: application/javascript
cache-control: public, max-age=900, immutable
last-modified: Thu, 14 Apr 2022 12:52:44 GMT
x-cdn-request-id: d27266e35eca14fe409657df3b3d1e97
x-cdn-edge-cache: HIT

GET
H2 200 impimg.gif
pre.glotgrx.com/ 26 B
132 B 26ms
20ms Image
image/gif 2606:4700::6810:78c3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/impimg.gif?cb=1652521891096&qid=53532313f523632313f5436393&cid=964&s=https://gdzwow.com&p=BX&x=&adtg=4034816&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.64%20Safari/537.36&ai=&flsrc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:78c3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 17:13:28 GMT
server: cloudflare
age: 2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc5b7ef0d15f-BUF
content-length: 26
expires: Sat, 14 May 2022 11:51:31 GMT

GET
H2 200 sspmatch-js
lbs-us-east1.ads.betweendigital.com/ Frame E384 0
78 B 31ms
28ms Script
text/javascript 96.46.183.20

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs-us-east1.ads.betweendigital.com/sspmatch-js?randsalt=47605&p=43425&gdpr=0&consent=
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=6075216362457858&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=4034816&jst=ai
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: text/javascript

GET pmListener.js
cache.betweendigital.com/ Frame E384 0
0

GET
H2 200 4034817.js
cache.betweendigital.com/sections/2/ 8 KB
3 KB 95ms
94ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/4034817.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 10:38:01 GMT
server: nginx
etag: W/"60265a89-2199"
content-type: application/javascript
x-cdn-edge-id: 119
x-cdn-request-id: 72954a9dc3b6a9df716b15141eab463e
x-cdn-edge-cache: HIT

GET
H2

200

fltiukqt.js
pixel.yabidos.com/
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987313&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987313&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

29ms
28ms

Script
application/javascript

104.16.200.58

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987313&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Server: 104.16.200.58 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 22:52:11 GMT
server: cloudflare
age: 3403
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc5c8d5717b1-EWR
content-length: 1597
expires: Sat, 14 May 2022 11:51:31 GMT

Redirect headers

date: Sat, 14 May 2022 09:51:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987313&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 70b2bc5c3d1a17b1-EWR
expires: Sat, 14 May 2022 10:51:31 GMT

GET
H2 200 adi
ads.betweendigital.com/ Frame D6B1 2 KB
1 KB 58ms
53ms Document
text/html 96.46.183.20

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=8227616404719653&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=3987313&jst=ai
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gdzwow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
vary: Accept-Encoding

GET
H2 200 88382382
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ 43 B
415 B 142ms
142ms Image
image/gif 2001:6d0:4001::226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/88382382

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 -, , ASN (),

Reverse DNS

Software

ms-counter-3.3.5/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:31 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

fltiukqt.js
pixel.yabidos.com/
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988110&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988110&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

27ms
27ms

Script
application/javascript

104.16.200.58

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988110&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Server: 104.16.200.58 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 22:52:11 GMT
server: cloudflare
age: 3403
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc5cad7217b1-EWR
content-length: 1597
expires: Sat, 14 May 2022 11:51:31 GMT

Redirect headers

date: Sat, 14 May 2022 09:51:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988110&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 70b2bc5c6d4117b1-EWR
expires: Sat, 14 May 2022 10:51:31 GMT

GET
H2 200 adi
ads.betweendigital.com/ Frame FB66 2 KB
1 KB 54ms
54ms Document
text/html 96.46.183.20

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=3081537239607481.5&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=580&h=400&s=3988110&jst=ai
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gdzwow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
vary: Accept-Encoding

GET
H2 200 54404478
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ 43 B
415 B 141ms
140ms Image
image/gif 2001:6d0:4001::226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/54404478

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 -, , ASN (),

Reverse DNS

Software

ms-counter-3.3.5/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:31 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ 43 B
243 B 97ms
96ms Image
image/gif 151.236.127.145

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/4034817.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
etag: "5d9caac5-2b"
content-type: image/gif
x-cdn-edge-id: 119
content-length: 43
accept-ranges: bytes
x-cdn-request-id: c1e9253d4031dc214c67e3548bab15e3
x-cdn-edge-cache: HIT

GET
H2 200 async_rtb.js
cache.betweendigital.com/code/ 302 KB
83 KB 105ms
104ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/4034817.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
content-encoding: gzip
x-cdn-edge-id: 119
server: nginx
etag: W/"6258191c-4b9aa"
content-type: application/javascript
cache-control: public, max-age=900, immutable
last-modified: Thu, 14 Apr 2022 12:52:44 GMT
x-cdn-request-id: 1c178d1ecf10ab3a28bc0f25b99ceece
x-cdn-edge-cache: HIT

GET
H2 200 sspmatch-js
lbs-us-east1.ads.betweendigital.com/ Frame D6B1 0
78 B 37ms
36ms Script
text/javascript 96.46.183.20

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs-us-east1.ads.betweendigital.com/sspmatch-js?randsalt=572349&p=43425&gdpr=0&consent=
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=8227616404719653&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=300&h=250&s=3987313&jst=ai
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: text/javascript

GET pmListener.js
cache.betweendigital.com/ Frame D6B1 0
0

GET
H2 200 sspmatch-js
lbs-us-east1.ads.betweendigital.com/ Frame FB66 0
78 B 37ms
32ms Script
text/javascript 96.46.183.20

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs-us-east1.ads.betweendigital.com/sspmatch-js?randsalt=38422&p=43425&gdpr=0&consent=
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=3081537239607481.5&rr=direct&foc=1&r_seq=0&tld=Z2R6d293LmNvbQ==&dh=v1_0001000000001&tagType=adi&w=580&h=400&s=3988110&jst=ai
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: text/javascript

GET pmListener.js
cache.betweendigital.com/ Frame FB66 0
0

GET
H2 200 impimg.gif
pre.glotgrx.com/ 26 B
84 B 27ms
23ms Image
image/gif 2606:4700::6810:78c3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/impimg.gif?cb=1652521891410&qid=53532313f523632313f5436393&cid=964&s=https://gdzwow.com&p=BX&x=&adtg=3987313&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.64%20Safari/537.36&ai=&flsrc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:78c3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 17:13:28 GMT
server: cloudflare
age: 2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc5d680ad15f-BUF
content-length: 26
expires: Sat, 14 May 2022 11:51:31 GMT

GET
H2 200 impimg.gif
pre.glotgrx.com/ 26 B
84 B 27ms
23ms Image
image/gif 2606:4700::6810:78c3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/impimg.gif?cb=1652521891411&qid=53532313f523632313f5436393&cid=964&s=https://gdzwow.com&p=BX&x=&adtg=3988110&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.64%20Safari/537.36&ai=&flsrc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:78c3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 17:13:28 GMT
server: cloudflare
age: 2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc5d680bd15f-BUF
content-length: 26
expires: Sat, 14 May 2022 11:51:31 GMT

GET
H/1.1 200
OK ads-async.js
ad.mail.ru/static/ 185 KB
185 KB 151ms
147ms Script
application/javascript 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/ads-async.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 14 May 2022 09:51:31 GMT
Server: nginx
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 189564
Expires: Sat, 14 May 2022 10:01:31 GMT

GET
H/1.1 200
OK /
ad.mail.ru/adq/ 305 B
614 B 163ms
150ms Script
application/x-javascript 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?callback=mailru_ad1652521887851&q=849923&vk=0&_=915146071
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 14 May 2022 09:51:31 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *

POST
H/1.1 204
No Content /
ad.mail.ru/web/adcontext/ 0
0 144ms
139ms Fetch 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/web/adcontext/
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://gdzwow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Connection: keep-alive
Date: Sat, 14 May 2022 09:51:31 GMT
Server: nginx

GET
H2

200

fltiukqt.js
pixel.yabidos.com/
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034817&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034817&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

29ms
29ms

Script
application/javascript

104.16.200.58

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034817&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Server: 104.16.200.58 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 22:52:11 GMT
server: cloudflare
age: 3403
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc5e4e9a17b1-EWR
content-length: 1597
expires: Sat, 14 May 2022 11:51:31 GMT

Redirect headers

date: Sat, 14 May 2022 09:51:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=4034817&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 70b2bc5e1e7c17b1-EWR
expires: Sat, 14 May 2022 10:51:31 GMT

GET
H2 200 45767782
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ 43 B
415 B 146ms
146ms Image
image/gif 2001:6d0:4001::226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/45767782

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 -, , ASN (),

Reverse DNS

Software

ms-counter-3.3.5/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:31 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 impimg.gif
pre.glotgrx.com/ 26 B
84 B 83ms
83ms Image
image/gif 2606:4700::6810:78c3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/impimg.gif?cb=1652521891593&qid=53532313f523632313f5436393&cid=964&s=https://gdzwow.com&p=BX&x=&adtg=4034817&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.64%20Safari/537.36&ai=&flsrc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:78c3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 17:13:28 GMT
server: cloudflare
age: 2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc5e88a4d15f-BUF
content-length: 26
expires: Sat, 14 May 2022 11:51:31 GMT

GET
H/1.1 200
OK /
ad.mail.ru/adq/ 305 B
613 B 157ms
157ms Script
application/x-javascript 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?callback=mailru_ad1652521887851&q=850442&vk=0&_=351002367
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 14 May 2022 09:51:31 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *

POST
H/1.1 204
No Content /
ad.mail.ru/web/adcontext/ 0
0 141ms
141ms Fetch 2a00:1148:db00::17

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/web/adcontext/
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://gdzwow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Connection: keep-alive
Date: Sat, 14 May 2022 09:51:31 GMT
Server: nginx

GET
H2 200 3987314.js
cache.betweendigital.com/sections/2/ 8 KB
3 KB 100ms
98ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/3987314.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 11:46:01 GMT
server: nginx
etag: W/"5fbe43f9-2199"
content-type: application/javascript
x-cdn-edge-id: 119
x-cdn-request-id: 3160c9eadd6454c4fee1f1dec8800ab5
x-cdn-edge-cache: HIT

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ 43 B
243 B 111ms
106ms Image
image/gif 151.236.127.145

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3987314.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
etag: "5d9caac5-2b"
content-type: image/gif
x-cdn-edge-id: 119
content-length: 43
accept-ranges: bytes
x-cdn-request-id: 1bcd04209a4697b524c99bd591de0a88
x-cdn-edge-cache: HIT

GET
H2 200 async_rtb.js
cache.betweendigital.com/code/ 302 KB
83 KB 121ms
119ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3987314.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
content-encoding: gzip
x-cdn-edge-id: 119
server: nginx
etag: W/"6258191c-4b9aa"
content-type: application/javascript
cache-control: public, max-age=900, immutable
last-modified: Thu, 14 Apr 2022 12:52:44 GMT
x-cdn-request-id: d295e62b9b7793d35bfcbedddae6bfe0
x-cdn-edge-cache: HIT

GET
H2 200 3988111.js
cache.betweendigital.com/sections/2/ 8 KB
3 KB 122ms
122ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/3988111.js
Requested by: Host: cdn.adrun.ru
URL: https://cdn.adrun.ru/js/ssp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:31 GMT
content-encoding: gzip
last-modified: Thu, 26 Nov 2020 10:14:01 GMT
server: nginx
etag: W/"5fbf7fe9-2199"
content-type: application/javascript
x-cdn-edge-id: 119
x-cdn-request-id: 8fa0608e2ddd0c609b4bc608b2ea8799
x-cdn-edge-cache: HIT

GET
H2

200

fltiukqt.js
pixel.yabidos.com/
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987314&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987314&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

31ms
27ms

Script
application/javascript

104.16.200.58

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987314&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Server: 104.16.200.58 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 22:52:11 GMT
server: cloudflare
age: 3404
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc61c98c17b1-EWR
content-length: 1597
expires: Sat, 14 May 2022 11:51:32 GMT

Redirect headers

date: Sat, 14 May 2022 09:51:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3987314&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 70b2bc61896117b1-EWR
expires: Sat, 14 May 2022 10:51:32 GMT

GET
H2 200 72265261
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ 43 B
415 B 188ms
151ms Image
image/gif 2001:6d0:4001::226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/72265261

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 -, , ASN (),

Reverse DNS

Software

ms-counter-3.3.5/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ 43 B
243 B 158ms
144ms Image
image/gif 151.236.127.145

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3988111.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:32 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
etag: "5d9caac5-2b"
content-type: image/gif
x-cdn-edge-id: 119
content-length: 43
accept-ranges: bytes
x-cdn-request-id: a3450d392a76548fd2044234ebd178e3
x-cdn-edge-cache: HIT

GET
H2 200 async_rtb.js
cache.betweendigital.com/code/ 302 KB
83 KB 159ms
145ms Script
application/javascript 151.236.127.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3988111.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.145 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:32 GMT
content-encoding: gzip
x-cdn-edge-id: 119
server: nginx
etag: W/"6258191c-4b9aa"
content-type: application/javascript
cache-control: public, max-age=900, immutable
last-modified: Thu, 14 Apr 2022 12:52:44 GMT
x-cdn-request-id: 506ad155dcff77c679b8b04f1dacdd7f
x-cdn-edge-cache: HIT

GET
H2 200 impimg.gif
pre.glotgrx.com/ 26 B
132 B 183ms
0ms Image
image/gif 2606:4700::6810:78c3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/impimg.gif?cb=1652521892263&qid=53532313f523632313f5436393&cid=964&s=https://gdzwow.com&p=BX&x=&adtg=3987314&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.64%20Safari/537.36&ai=&flsrc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:78c3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:32 GMT
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 17:13:28 GMT
server: cloudflare
age: 3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc644c8ed15f-BUF
content-length: 26
expires: Sat, 14 May 2022 11:51:32 GMT

POST 39977385
mc.yandex.com/webvisor/ 0
0

GET
H2

200

fltiukqt.js
pixel.yabidos.com/
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988111&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988111&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

32ms
32ms

Script
application/javascript

104.16.200.58

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988111&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Server: 104.16.200.58 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 22:52:11 GMT
server: cloudflare
age: 3404
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc662d8817b1-EWR
content-length: 1597
expires: Sat, 14 May 2022 11:51:32 GMT

Redirect headers

date: Sat, 14 May 2022 09:51:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988111&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 70b2bc65ed5217b1-EWR
expires: Sat, 14 May 2022 10:51:32 GMT

GET
H2 200 50628580
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ 43 B
415 B 150ms
149ms Image
image/gif 2001:6d0:4001::226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/50628580

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 -, , ASN (),

Reverse DNS

Software

ms-counter-3.3.5/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 39977385
mc.yandex.com/webvisor/ 43 B
169 B 463ms
152ms XHR
image/gif 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/39977385?wmode=0&wv-part=1&wv-hit=564949233&page-url=https%3A%2F%2Fgdzwow.com%2F&rn=768078210&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1652521893%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220514095132%3Au%3A1652521888499376618%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652521893&t=gdpr(14)ti(2)

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gdzwow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:33 GMT
last-modified: Sat, 14-May-2022 09:51:33 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://gdzwow.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 14-May-2022 09:51:33 GMT

GET
H2 200 flimpobj.js
pixel.yabidos.com/ 31 KB
24 KB 39ms
39ms Script
application/javascript 104.16.200.58

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1652521892865&ver1=2.2.4&qid=53532313f523632313f5436393&rnd=2uljwna9op2o&cid=964
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://gdzwow.com&x=&nci=&adtg=3988111&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 22:52:11 GMT
server: cloudflare
age: 3406
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc669dc817b1-EWR
content-length: 24217
expires: Sat, 14 May 2022 11:51:32 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
129 B 38ms
37ms Image
image/gif 2606:4700::6810:78c3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1652521893053250&ver=1.2r81&qid=53532313f523632313f5436393&p=BX&s=https%253A//gdzwow.com&x=&cid=964&od1=&od2=&adtg=3988111&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=2uljwna9op2o&impid=&idl=&ttduid=&id5=&emh=&tps=74&ver1=2.2.4&lon=&lat=&ua=&os=&mm=&di=&ip=&ci=&pp=&bp=&w=&h=&pn=&1=15832466be44f3e62938e069900bb779&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2275%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=1600x3897&atf=&dbgcid=964&ifm=3&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=23&icp=https%253A//gdzwow.com/&irfl=0&irf=&cty=4&fcs=0&flky=ver-fl-6-qid-fl-26-p-fl-2-s-fl-18-x-fl-0-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-7-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-lon-fl-0-lat-fl-0-ua-fl-0-os-fl-0-mm-fl-0-di-fl-0-ip-fl-0-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-0-h-fl-0-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_9.7_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=283
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:78c3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdzwow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 09:51:33 GMT
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 17:13:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 70b2bc69cfc1d15f-BUF
content-length: 26
expires: Sat, 14 May 2022 11:51:33 GMT

POST
H2 200 39977385
mc.yandex.com/webvisor/ 43 B
85 B 366ms
279ms XHR
image/gif 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/39977385?wmode=0&wv-part=3&wv-hit=564949233&page-url=https%3A%2F%2Fgdzwow.com%2F&rn=524209762&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1652521894%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220514095133%3Au%3A1652521888499376618%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652521894&t=gdpr(14)ti(2)

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gdzwow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:33 GMT
last-modified: Sat, 14-May-2022 09:51:33 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://gdzwow.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 14-May-2022 09:51:33 GMT

POST
H2 200 39977385
mc.yandex.com/webvisor/ 43 B
73 B 268ms
148ms XHR
image/gif 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/39977385?wmode=0&wv-part=1&wv-hit=564949233&page-url=https%3A%2F%2Fgdzwow.com%2F&rn=176487020&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1652521894%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220514095133%3Au%3A1652521888499376618%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652521894&t=gdpr(14)ti(2)

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gdzwow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 May 2022 09:51:33 GMT
last-modified: Sat, 14-May-2022 09:51:33 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://gdzwow.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 14-May-2022 09:51:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a65ba0fd-282d-5386-ac12-59bcce6d221d&CACHEBUSTER=427288

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=between

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a65ba0fd-282d-5386-ac12-59bcce6d221d&source=between&redirect=true&href=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D123%26external_user_id%3D%7Bmiid%7D

Domain: sync.dmp.otm-r.com
URL: https://sync.dmp.otm-r.com/match/btw?id=a65ba0fd-282d-5386-ac12-59bcce6d221d

Domain: px.adhigh.net
URL: https://px.adhigh.net/p/cm/btw

Domain: cache.betweendigital.com
URL: https://cache.betweendigital.com/pmListener.js

Domain: cache.betweendigital.com
URL: https://cache.betweendigital.com/pmListener.js

Domain: cache.betweendigital.com
URL: https://cache.betweendigital.com/pmListener.js

Domain: mc.yandex.com
URL: https://mc.yandex.com/webvisor/39977385?wmode=0&wv-part=2&wv-hit=564949233&page-url=https%3A%2F%2Fgdzwow.com%2F&rn=54155970&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1652521892%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220514095132%3Au%3A1652521888499376618%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652521892&t=gdpr(14)ti(2)

Verdicts & Comments Add Verdict or Comment

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gdzwow.com/	1969-12-31 23:59:59	Name: flat_r_mb Value: %2F%2F%2F%3Adirect
.gdzwow.com/	1970-01-20 20:33:13	Name: _ga Value: GA1.2.1599047954.1652521886
.gdzwow.com/	1970-01-20 03:03:28	Name: _gid Value: GA1.2.1549186266.1652521886
.gdzwow.com/	1970-01-20 03:02:01	Name: _gat Value: 1
gdzwow.com/	1970-01-20 03:12:06	Name: _adm_u Value: 7659
.yandex.ru/	1970-01-20 20:33:13	Name: i Value: ns5MtknSKlvLvUYvNARjygjXPEPiIHKyuqJFIKVsyVoZnDuKCWzb+fJaUa/MBbGKqbmaGxwzbbBRw9cWmcwjexQwsdA=
.gdzwow.com/	1970-01-20 12:23:37	Name: __gads Value: ID=85a103cc388fa4f5-22df2a3c91d200c1:T=1652521886:RT=1652521886:S=ALNI_MYtUk3f_ojA08zf3N-izX6_s6tTyA
.doubleclick.net/	1970-01-20 20:33:13	Name: IDE Value: AHWqTUlL4gOshJ-xLwj2SU4YEQMzsd_Sz5qDswC1NBe8GOeQdLAXMPSYY_a1wm0q4QQ
.gdzwow.com/	1970-01-20 11:47:37	Name: _ym_uid Value: 1652521888499376618
.gdzwow.com/	1970-01-20 11:47:37	Name: _ym_d Value: 1652521888
.mc.yandex.com/	1970-01-20 03:02:02	Name: sync_cookie_csrf Value: 2116438732fake
.yandex.ru/	1970-01-23 18:38:01	Name: yandexuid Value: 1548526701652521887
.gdzwow.com/	1970-01-20 03:03:13	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 03:02:02	Name: sync_cookie_csrf Value: 3481328637fake

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9465790332962370&output=html&h=250&slotname=7997859961&adk=1651047503&adf=440221400&pi=t.ma~as.7997859961&w=300&lmt=1652521881&psa=0&format=300x250&url=https%3A%2F%2Fgdzwow.com%2F&alternate_ad_url=https%3A%2F%2Fcdn.adrun.ru%2Ffast%2Fgoogle_fallback.php%3Fblock%3D16-76&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652521887032&bpp=31&bdt=5659&idt=31&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2723604641866&frm=20&pv=2&ga_vid=1599047954.1652521886&ga_sid=1652521887&ga_hid=1468149929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=893&ady=3479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44762584%2C31065742%2C31067560%2C31067419%2C31067488&oid=2&pvsid=3693014854255696&pem=204&tmod=1527157441&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wCINtMzfxY&p=https%3A//gdzwow.com&dtd=73 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mail.ru
ads.betweendigital.com
adservice.google.com
cache.betweendigital.com
cdn.adrun.ru
fonts.googleapis.com
fonts.gstatic.com
gdzwow.com
googleads.g.doubleclick.net
lbs-us-east1.ads.betweendigital.com
login.vk.com
matchid.adfox.yandex.ru
maxcdn.bootstrapcdn.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
newrrb.bid
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.yabidos.com
pre.glotgrx.com
px.adhigh.net
sync.dmp.otm-r.com
tpc.googlesyndication.com
tuberculosis.ru
vk.com
www.google-analytics.com
www.google.com
www.prbcdn.ru
www.tns-counter.ru
x.bidswitch.net
yandex.ru
yastatic.net
cache.betweendigital.com
mc.yandex.com
mitdmp.whiteboxdigital.ru
px.adhigh.net
sync.dmp.otm-r.com
x.bidswitch.net
104.16.200.58
142.250.72.98
151.236.127.145
2001:6d0:4001::226
2606:4700:3031::6815:22c2
2606:4700:3035::6815:49ba
2606:4700::6810:78c3
2606:4700::6812:bcf
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::2004
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:822::2001
2607:f8b0:4006:824::2003
2a00:1148:db00::17
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8:a::a
2a03:f480:1:11::8b
46.4.104.244
87.240.129.181
87.240.139.194
89.108.93.146
96.46.183.20
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
020312d42b9b9576b1dd5b885345a6e457860e9e945c46a2b1a1155916f08aee
061cc7c5e62cb506fc7362df2dda3d4d08e60600df37bafa6c8cadc6332118b6
07a31bbc942c0e7769cba0c5457571b4afc1acc1bf1ca80d08919123412ef1c7
097b94827583da54a6882028055fd2604102bf5646b1209d22dc98ac2203d1ec
0c8ed9e08ca56862a6e395bdad991fb93eadf2f7c7efba5009bc56991f751c3c
17df1f2891553baf6c74c4eef8cd0dd9fb73a5669f9f89d67183a8bfe41acfd2
1d0e94cabe5929f27d3f5ae3455c69c01c6f28c49116ada02e245705b25549e6
1e2fa46aa1ae40be66edd3fde0d2e9e856adf47bfde7b7762f0d517ce9ed3b3b
255df06063ef8b4f994c1ae9d232d7c4f27c95b853a68fd9c03e31f4dd6b0031
26f01504c925dc2caacde71c78ec0cbbd0dbd510c0b3e483b754ffc9eb62e9d9
2fd95d034a041153ba02ef2d40395419c8369ef8c32e84956ce46b5f0a7e950d
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
38f0ec848584602b717ea30c0776284c7373ef4e7021f63176ed426c02b887b6
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
401503518894f575673732c689a7885c78bb615900c0c3f726765eb4ce6aa799
4192547933c47032776c86cc04805a86655e4580d0c82b46787a120fcd96c146
4233a9488496b89f58ecb422085230289c03c678aa22f96ad51e16e63e7bf8da
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
574e3710ee272a152d8a56c721325879510d69b2828913b1b789382070e6ebc6
5cbb565231612d7b5e2415d6e24372a9474106d7090a630a075bbbacecb1d727
612a5a6bca563d31bd35b2fc90e19b4e59df10cb295bc14f9bd8a20c2f5a3b2b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64ea9358ff96c9a643d03a775d60ee31fb75defcfb3aa895cce0b9c905497ec4
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6e9cca040634f071c068f7f483dfeef82d8589b4082c8cbdc5301951647ba71b
71df7ed7e49fcd20c1ec11605e88b7fb5cb19d77ededff75623b5551d629efee
75da372208d55f2f9bbf6cfab060940721de74ffbe4b93bacd0e9754331c6588
7eb28f4ca7bff36f2f08c9a029be92a6d4a8b3ed7fa6e8a7c547b85df0814a74
875429c31138de40caff86fd861134835652e25daa7e05c231a53e8786c7a5de
89727219f4964bb6c6e8105136a1108259515d70dc5bcc5d2623c26a3dd953d0
94bccc9b641ce0b4d8c6e0d75736d19c549ae58bf139e9d5ba5bfe8dad4a54cc
973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde
9fb94122ebb2bb5b1d36c6cb8842202dfd78e7c988e730471626ad1ce720f2b0
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a7fd75cb56e9e1c9cc864aa1fb8cf3e30cfe6db73188534164c4e3c3c7317dff
b9a8e582ffaf88140ef253b6fc848ca9b50ad3a5f26f35e16791271bed5af1a4
bc2ed11cd0804ddda5b58c74ebfbb7ca05d7d11303a1808218289d78ca75ee99
ca1338d10dc789e3b29fcbfd1ee840acc8e6f7e17acf6197b0e0b2bcfb59a397
ce8ea4c562a82d1bd140caa9cf02c6991607f1ef044d9efb1dca965969f20d1d
d3aaec308e098a6815af4f53a511e33fbd3e0c3cc2f406bd137b0e69dee634e7
d5aab9ecebd2bc2f003980fdde59b97aad0fd105312d99fa50fcab580099aaf3
d6c66886ea846fb0e16776e507be93f2b755d4571fd24ec0963c4c75c751bd95
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
df54da8bbf284d2dd660b1393cd4779514b3eb84842fa4dced2f6d113dfb9882
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f341cc293a3d0b733387cfba00075878854f6dd9902998c40eeb87644ec5c8
e9b6441244044f23214a5268cb6bcc1bd5764f7447f17b3bdfd0fc0f0516ff84
eafb477ee59ae3747d8b1b9d0e613b00b099238d9b2a847915edcc94cb5b053e
f036531b5f9e56993ce2f6c3677bb3b3734859f9747fca67a7095f25095330bc
f587299c3ebd6ccab3ca19f9830d2d7c4390b826425a4dbc340885a86b4fccd7
fe37438db4230a582b6342588d9d14957f1a52e60a4fab2e06a802c7dc387623

gdzwow.com Open in urlscan Pro 89.108.93.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

153 Requests

86 %HTTPS

70 %IPv6

26 Domains

33 Subdomains

27 IPs

4 Countries

2401 kBTransfer

6831 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gdzwow.com Open in urlscan Pro
89.108.93.146 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

86 %
HTTPS

70 %
IPv6

26
Domains

33
Subdomains

27
IPs

4
Countries

2401 kB
Transfer

6831 kB
Size

14
Cookies

153 HTTP transactions
7 data transactions