urlscan.io logo urlscan.io
SecurityTrails logo

premiuminter.forum2x2.ru Open in urlscan Pro
178.33.43.150  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws/
Effective URL: https://premiuminter.forum2x2.ru/f14-forum
Submission: On October 27 via manual from RU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 7 countries across 22 domains to perform 69 HTTP transactions. The main IP is 178.33.43.150, located in France and belongs to OVH, FR. The main domain is premiuminter.forum2x2.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 23rd 2019. Valid for: 3 months.
This is the only time premiuminter.forum2x2.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 45.55.119.71 14061 (DIGITALOC...)
1 3 178.33.43.150 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
19 2606:4700:e2:... 13335 (CLOUDFLAR...)
3 178.250.0.130 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 151.101.14.2 54113 (FASTLY)
1 178.250.0.165 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2.19.43.224 20940 (AKAMAI-ASN1)
4 172.217.22.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 6 99.80.15.126 16509 (AMAZON-02)
1 2600:9000:200... 16509 (AMAZON-02)
1 72.251.249.13 29791 (VOXEL-DOT...)
1 2600:9000:200... 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
69 29
1    45.55.119.71 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws
3    178.33.43.150 (France)

ASN16276 (OVH, FR)
premiuminter.forum2x2.ru
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
19    2606:4700:e2::ac40:8b18 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
illiweb.com
3    178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
3    2a00:1450:4001:81b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2606:4700:30::681b:8de7 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
2img.net
2    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
3    151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
cdn.taboola.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
3    2606:4700::6810:a40d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.viglink.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2606:4700:30::6812:3fe8 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
connect.topicit.net
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
3    2.19.43.224 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-43-224.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
4    172.217.22.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f98.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
googleads.g.doubleclick.net
4    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
6    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
6    99.80.15.126 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
api.viglink.com
1    2600:9000:200c:4000:1f:287:d20a:ce1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
get.s-onetag.com
1    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)
ce.lijit.com
1    2600:9000:200d:b800:5:ae3a:ba00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
onetag-geo.s-onetag.com
1    2600:9000:20eb:7e00:5:9a4c:9b00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
beacon.s-onetag.com
1    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
Domain Requested by
19 illiweb.com premiuminter.forum2x2.ru
ajax.googleapis.com
6 api.viglink.com 2 redirects cdn.viglink.com
6 cdn.ampproject.org securepubads.g.doubleclick.net
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
premiuminter.forum2x2.ru
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
premiuminter.forum2x2.ru
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
premiuminter.forum2x2.ru
3 cdn.viglink.com premiuminter.forum2x2.ru
3 cdn.taboola.com premiuminter.forum2x2.ru
cdn.taboola.com
3 www.google.com 2 redirects premiuminter.forum2x2.ru
3 static.criteo.net premiuminter.forum2x2.ru
3 premiuminter.forum2x2.ru 1 redirects xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws
premiuminter.forum2x2.ru
2 www.google-analytics.com 1 redirects www.googletagmanager.com
1 pagead2.googlesyndication.com
1 beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 ce.lijit.com
1 get.s-onetag.com
1 googleads.g.doubleclick.net premiuminter.forum2x2.ru
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com premiuminter.forum2x2.ru
1 www.google.de premiuminter.forum2x2.ru
1 stats.g.doubleclick.net 1 redirects
1 connect.topicit.net premiuminter.forum2x2.ru
1 fonts.googleapis.com ajax.googleapis.com
1 www.gstatic.com www.google.com
1 bidder.criteo.com static.criteo.net
1 2img.net premiuminter.forum2x2.ru
1 www.googletagmanager.com premiuminter.forum2x2.ru
1 ajax.googleapis.com premiuminter.forum2x2.ru
1 xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws
69 30

This site contains links to these domains. Also see Links.

Domain
www.forum2x2.ru
help.forum2x2.ru
Subject Issuer Validity Valid
m91.maxns.net
Let's Encrypt Authority X3		 2019-09-23 -
2019-12-22		 3 months crt.sh
*.googleapis.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
illiweb.com
CloudFlare Inc ECC CA-2		 2019-09-17 -
2020-09-16		 a year crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2019-03-26 -
2020-03-30		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
2img.net
CloudFlare Inc ECC CA-2		 2019-01-04 -
2020-01-04		 a year crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-07-30 -
2020-07-25		 a year crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2019-03-28 -
2020-04-01		 a year crt.sh
*.google.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
ssl418259.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
topicit.net
CloudFlare Inc ECC CA-2		 2019-10-06 -
2020-10-05		 a year crt.sh
www.google.de
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-28 -
2019-12-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
viglink.com
Amazon		 2019-02-09 -
2020-03-09		 a year crt.sh
*.s-onetag.com
Amazon		 2019-06-25 -
2020-07-25		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2019-03-11 -
2020-05-10		 a year crt.sh

This page contains 3 frames:

Primary Page: https://premiuminter.forum2x2.ru/f14-forum
Frame ID: 6E0A577A02DB7E8A2D08C41B3F9FFFFC
Requests: 52 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: C178CC2D4496F692CD5295ACE8B7EBDD
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/211910251950120/amp4ads-v0.js
Frame ID: 2E05A6D8835DC407D2C3F74EE25A64F4
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws/ Page URL
  2. http://premiuminter.forum2x2.ru/f14-forum HTTP 301
    https://premiuminter.forum2x2.ru/f14-forum Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

69
Requests

99 %
HTTPS

69 %
IPv6

22
Domains

30
Subdomains

29
IPs

7
Countries

745 kB
Transfer

2234 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws/ Page URL
  2. http://premiuminter.forum2x2.ru/f14-forum HTTP 301
    https://premiuminter.forum2x2.ru/f14-forum Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1822703685&t=pageview&_s=1&dl=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Ff14-forum&dr=http%3A%2F%2Fxn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%BE%D0%BD%D1%86%D0%B5%D0%BD%D1%82%D1%80%D0%B0%D1%82%D1%8B%20%D0%BE%D0%B3%D0%BD%D0%B5%D0%B2%D0%BA%D0%B8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=453520169&gjid=714902714&cid=788958266.1572164672&tid=UA-144347007-1&_gid=1635378150.1572164672&_r=1&gtm=2ouaa0&z=511462923 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144347007-1&cid=788958266.1572164672&jid=453520169&_gid=1635378150.1572164672&gjid=714902714&_v=j79&z=511462923 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=788958266.1572164672&jid=453520169&_v=j79&z=511462923 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=788958266.1572164672&jid=453520169&_v=j79&z=511462923&slf_rd=1&random=1696105182
Request Chain 45
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1572164672197&ns_c=UTF-8&cv=3.1e&c8=%D0%9A%D0%BE%D0%BD%D1%86%D0%B5%D0%BD%D1%82%D1%80%D0%B0%D1%82%D1%8B%20%D0%BE%D0%B3%D0%BD%D0%B5%D0%B2%D0%BA%D0%B8&c7=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Ff14-forum&c9=http%3A%2F%2Fxn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1572164672197&ns_c=UTF-8&cv=3.1e&c8=%D0%9A%D0%BE%D0%BD%D1%86%D0%B5%D0%BD%D1%82%D1%80%D0%B0%D1%82%D1%8B%20%D0%BE%D0%B3%D0%BD%D0%B5%D0%B2%D0%BA%D0%B8&c7=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Ff14-forum&c9=http%3A%2F%2Fxn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws%2F
Request Chain 60
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 62
  • https://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e HTTP 302
  • https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Request Chain 63
  • https://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e HTTP 302
  • https://ce.lijit.com/merge?pid=8008&3pid=15c0e0b62b85315458893606f311f867

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws/
Protocol
HTTP/1.1
Server
45.55.119.71 New York, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx / Express
Resource Hash
51701ee345cca78ef3824a86e238cd728a8f4d665d35f0e322e433a44bf42ccc

Request headers

Host
xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Sun, 27 Oct 2019 08:24:31 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
Express
ETag
W/"34E0uDFh/eOw04qzOOqvwg=="
Content-Encoding
gzip
Primary Request f14-forum
premiuminter.forum2x2.ru/
Redirect Chain
  • http://premiuminter.forum2x2.ru/f14-forum
  • https://premiuminter.forum2x2.ru/f14-forum
49 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://premiuminter.forum2x2.ru/f14-forum
Requested by
Host: xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws
URL: http://xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.43.150 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c95dddd28e3bff35991847b575a1607a130e1090673a1b7db9c0ad971606048f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0; mode=block

Request headers

:method
GET
:authority
premiuminter.forum2x2.ru
:scheme
https
:path
/f14-forum
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws/

Response headers

status
200
date
Sun, 27 Oct 2019 08:24:31 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-store
pragma
no-cache
expires
Sun, 27 Oct 2019 00:00:00 GMT
last-modified
Sun, 27 Oct 2019 08:24:31 GMT
vary
User-Agent
x-content-type-options
nosniff
x-xss-protection
0; mode=block
access-control-allow-origin
*
x-cache-fs
EXPIRED
content-encoding
gzip

Redirect headers

Date
Sun, 27 Oct 2019 08:24:31 GMT
Content-Length
0
Location
https://premiuminter.forum2x2.ru/f14-forum
X-Cache-FS
MISS
truncated
/ 		593 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpg
0-ltr.css
premiuminter.forum2x2.ru/ 		152 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://premiuminter.forum2x2.ru/0-ltr.css
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.43.150 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
0d6367f4a024d477f1ed6215569807f071899d7ce2bb540e1c2542dd331dfddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 27 Oct 2019 00:00:00 GMT
status
200
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
content-length
56312
x-xss-protection
1; mode=block
x-cache-ma
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 03:37:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
449206
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33845
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Oct 2020 03:37:45 GMT
ru.js
illiweb.com/rs3/53/frm/lang/ 		71 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/53/frm/lang/ru.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0943e4e2eeac86fd0e78baddcc7ce43b10fdb3f9aca0a88f4ff0049e3dbfc27c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
253433
cf-polished
origSize=73119
status
200
x-xss-protection
1; mode=block
x-cache-ne
MISS
last-modified
Wed, 23 Oct 2019 13:19:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
expires
Mon, 26 Oct 2020 08:24:31 GMT
cache-control
public, max-age=31536000
x-cache-pr
MISS
cf-ray
52c3462e9c39d6ed-FRA
cf-bgj
minify
invision.js
illiweb.com/rs3/53/frm/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/53/frm/invision.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b0a91fd6eb5029cabacc3c14c13144f97a64d3b261082bd78bd95c71a86d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
253432
status
200
cf-bgj
minify
x-xss-protection
1; mode=block
x-cache-ne
MISS
last-modified
Tue, 27 Aug 2019 14:00:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-cache-pr
MISS
cf-ray
52c3462e9c3cd6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
publishertag.js
static.criteo.net/js/ld/ 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
56afc6a63fa0f0ab9bc9fcd3540807ac1096124e3b91ca8aea1cd27d0aa80ded

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
content-encoding
gzip
last-modified
Mon, 14 Oct 2019 12:15:40 GMT
server
nginx
etag
W/"5da466ec-15c4f"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 28 Oct 2019 08:24:31 GMT
js
www.googletagmanager.com/gtag/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144347007-1
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c234797593a57911e9345d6f822918656e7dba4a3c9a910b7eb8c9e837c53c2c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
content-encoding
br
last-modified
Sun, 27 Oct 2019 06:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28469
x-xss-protection
0
expires
Sun, 27 Oct 2019 08:24:31 GMT
jquery.cookie.js
illiweb.com/rs3/53/frm/jquery/cookie/ 		1011 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/53/frm/jquery/cookie/jquery.cookie.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
253437
status
200
cf-bgj
minify
x-xss-protection
1; mode=block
x-cache-ne
MISS
last-modified
Tue, 27 Aug 2019 14:00:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-cache-pr
MISS
cf-ray
52c3462e9c3dd6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
FAToolbar.js
illiweb.com/rs3/53/frm/jquery/toolbar/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/53/frm/jquery/toolbar/FAToolbar.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
53b50d936fbd0379b43181e53561a665a21e6ea1d1fd50a08b8eeaa0fee06906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
253436
status
200
cf-bgj
minify
x-xss-protection
1; mode=block
x-cache-ne
MISS
last-modified
Tue, 27 Aug 2019 14:00:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-cache-pr
MISS
cf-ray
52c3462e9c3fd6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
api.js
www.google.com/recaptcha/ 		729 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
b604645aa60dc4db9af6c128efb3eaa6472460b5e4a80dd534c5be9ae21db37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
465
x-xss-protection
1; mode=block
expires
Sun, 27 Oct 2019 08:24:31 GMT
d92X3zCxNX.jpg
2img.net/h/www.picshare.ru/uploads/160211/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/h/www.picshare.ru/uploads/160211/d92X3zCxNX.jpg
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:8de7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f61aed68a62aec1a37148f074983923957446ca198df90ccdeb7ddebdf1dff9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
7345
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1287
x-xss-protection
1; mode=block
last-modified
Wed, 29 Aug 2012 12:27:31 GMT
server
cloudflare
etag
"503e0ab3-507"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
52c3462edb6e5a1e-VIE
expires
Wed, 24 Oct 2029 08:24:31 GMT
empty.gif
illiweb.com/fa/ 		42 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/empty.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
21541332
status
200
content-length
42
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462e9c40d6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
f_norm_no.gif
illiweb.com/fa/invision/ 		110 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/invision/f_norm_no.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1643221939f467f11fc819ed72b30151109e8af0a1a372b2bf4962ce019de78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
22399378
status
200
content-length
110
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462eac81d6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
lastpost.gif
illiweb.com/fa/invision/ 		53 B
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/invision/lastpost.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2ae16febb6218317adbc00cf3a640256fcfd7f84c5ce3f612df78695739869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
21792346
status
200
content-length
53
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462eccd3d6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
f_norm.gif
illiweb.com/fa/invision/ 		110 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/invision/f_norm.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5cdab1a6e2977d6c195318d92bf67f8bd340afd9874feb1cab9f62c948ced4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
21457590
status
200
content-length
110
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462edcf9d6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
f_hot.gif
illiweb.com/fa/invision/ 		384 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/invision/f_hot.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
28f1c6e9954b02a2205db2f1e0325c3dfe28181ae531f19f30924ee9e289606b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
14190352
status
200
content-length
384
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462eed31d6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
f_hot_no.gif
illiweb.com/fa/invision/ 		380 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/invision/f_hot_no.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4030d87bf826eee47061702a2cb9b998b55e0ba4305f68ff98e988b7cda63a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
14190352
status
200
content-length
380
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-17c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462f0d6bd6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
f_closed_new.gif
illiweb.com/fa/invision/ 		102 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/invision/f_closed_new.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3560b138c51e4bab6fa89cf17a66d91a365f71e468e7abca4cfa08b0cba7c9b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
8127986
status
200
content-length
102
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462f0d6ed6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
f_closed.gif
illiweb.com/fa/invision/ 		102 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/invision/f_closed.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e74d7515e60961e50b27ca8cd1f1fbdcd9e13e681d6a30a895742319ad8b2899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
22637919
status
200
content-length
102
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462f2dc0d6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
f_announce.gif
illiweb.com/fa/invision/ 		97 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/invision/f_announce.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
103ad0110d3ac99d923b4063b549b0c617b381aa3526475b5624f80d5b44c03a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
21425148
status
200
content-length
97
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462f2dc2d6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
f_pinned.gif
illiweb.com/fa/invision/ 		97 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/invision/f_pinned.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ee24efd0a46e4fccf86a6f23cbc7c71925ba904787eddc4c90297243896465
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
22570408
status
200
content-length
97
x-xss-protection
1; mode=block
last-modified
Mon, 16 May 2016 10:59:25 GMT
server
cloudflare
etag
"5739a80d-61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462f3df7d6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
folder_announce.gif
illiweb.com/fa/subsilver/ 		307 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/subsilver/folder_announce.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
20fcc910fde5ccd7b0e724675990bd12ff9e1b5f6fb3a84c34949ed8cea57cdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
8128031
status
200
content-length
307
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-133"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462f4e19d6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144347007-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2997
date
Sun, 27 Oct 2019 07:34:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sun, 27 Oct 2019 09:34:34 GMT
loader.js
cdn.taboola.com/libtrc/forumotion-ru/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/forumotion-ru/loader.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
obaker.243.1.1-10.24.6 /
Resource Hash
02b19a10a5df4a20ae2c593bee9200beb757f240eb3fd24697ae6a11f35f1041

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
EDlNgUY503Jz4gPpbblCbrBzjBUpso4P
content-encoding
gzip
etag
"69eacd8416bdb9e53a2e45fa845f6b2b3140cda9"
age
0
x-cache
MISS
status
200
content-length
19227
x-amz-id-2
8iqwSeMxSxsUDub1i2SwFrplGHEqY5JHmO943RTM0smoAzxXR1CjxYgap5YLq9Eztoyc5vvraaQ=
x-served-by
cache-fra19137-FRA
x-from-cache
1
access-control-allow-origin
*
last-modified
Thu, 24 Oct 2019 14:16:54 UTC
server
obaker.243.1.1-10.24.6
x-timer
S1572164672.917082,VS0,VE104
date
Sun, 27 Oct 2019 08:24:32 GMT
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
7728559E7F308700
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
12
x-cache-hits
0
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=75&profileId=206&cb=89667200889
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

status
204
date
Sun, 27 Oct 2019 08:24:31 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://premiuminter.forum2x2.ru
timing-allow-origin
*
vary
Origin
recaptcha__en.js
www.gstatic.com/recaptcha/releases/5fbZx3NV5xhaMoMLrZV3TkN4/ 		253 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5fbZx3NV5xhaMoMLrZV3TkN4/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bc5efe0814deaf9314fcd65d6c9d924ea008d2637945fae0acc3860c45deb1e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 17:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 21 Oct 2019 04:03:56 GMT
server
sffe
age
486737
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
92268
x-xss-protection
0
expires
Tue, 20 Oct 2020 17:12:14 GMT
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 21 Oct 2020 08:24:31 GMT
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 21 Oct 2020 08:24:31 GMT
vglnk.js
cdn.viglink.com/api/ 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f2b47a2e8017f8387d34806efc5c3643954171cc9cb38e4b1f583a42aaeaa1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
content-encoding
gzip
cf-cache-status
HIT
age
475848
cf-ray
52c3462fddc7cbc4-VIE
status
200
content-length
27746
x-amz-id-2
XaZZfksc5tY2QYKqWg2l9SF0g4tYYLB4/OoiMCVw8qhEZI1HOeFOpmyjOyB6h9h9/hQcx65+CBU=
last-modified
Mon, 21 Oct 2019 20:13:23 GMT
server
cloudflare
etag
"df893ab92782cedac4da4785df9ec68e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
CED68FA43CA7DB4B
cache-control
public, max-age=1800
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 27 Oct 2019 08:54:31 GMT
nav.gif
illiweb.com/fa/invision/ 		158 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/invision/nav.gif
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16bd0b41944c9e99eb13a384cc608888ba4fbed6cb9232136d5491affee57435
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/0-ltr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
4110834
status
200
content-length
158
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462f7ec6d6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
breadcrumb-arrow.gif
illiweb.com/fa/invision/ 		81 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/invision/breadcrumb-arrow.gif
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
68e6860418db02970d06063f13acba5a706d75d397c8c6415e8f4aefd0f93cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/0-ltr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
21492201
status
200
content-length
81
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462f7ecad6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
css
fonts.googleapis.com/ 		3 KB
882 B 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
Origin
https://premiuminter.forum2x2.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 27 Oct 2019 08:24:31 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Sun, 27 Oct 2019 08:24:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Sun, 27 Oct 2019 08:24:31 GMT
toolbar.png
illiweb.com/fa/i/toolbar/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/i/toolbar/toolbar.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
075cc698968c8fabdc079e0f5a8bf11ed379ddb445d0d7caa5085cf67ff12b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/0-ltr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
21792529
status
200
content-length
11066
x-xss-protection
1; mode=block
last-modified
Mon, 16 May 2016 08:34:44 GMT
server
cloudflare
etag
"57398624-2b3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462fcfe7d6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
pa0.png
illiweb.com/fa/i/toolbar/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://illiweb.com/fa/i/toolbar/pa0.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5b862705def8b10b9a2f6e2d285ace98b47d499942ad23d492820a6a04341dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/0-ltr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
21510905
status
200
content-length
1087
x-xss-protection
1; mode=block
last-modified
Mon, 16 May 2016 08:34:43 GMT
server
cloudflare
etag
"57398623-43f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
52c3462fcfe8d6ed-FRA
expires
Mon, 26 Oct 2020 08:24:31 GMT
connect.js
connect.topicit.net/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.topicit.net/scripts/connect.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3fe8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5458
cf-polished
origSize=5437
status
200
last-modified
Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
etag
W/"5d653880-153d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
52c3463078fc598e-VIE
expires
Mon, 28 Oct 2019 08:24:32 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1822703685&t=pageview&_s=1&dl=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Ff14-forum&dr=http%3A%2F%2Fxn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws%2F&...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144347007-1&cid=788958266.1572164672&jid=453520169&_gid=1635378150.1572164672&gjid=714902714&_v=j79&z=511462923
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=788958266.1572164672&jid=453520169&_v=j79&z=511462923
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=788958266.1572164672&jid=453520169&_v=j79&z=511462923&slf_rd=1&random=1696105182
42 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=788958266.1572164672&jid=453520169&_v=j79&z=511462923&slf_rd=1&random=1696105182
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Oct 2019 08:24:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Oct 2019 08:24:32 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=788958266.1572164672&jid=453520169&_v=j79&z=511462923&slf_rd=1&random=1696105182
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame C178 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
72546c4f3020b0f3c54144db851b118c5812fbcb2d4b7da456901cf232658cc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"318 / 576 of 1000 / last-modified: 1572018341"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14897
x-xss-protection
0
expires
Sun, 27 Oct 2019 08:24:32 GMT
impl.20191022-13-RELEASE.js
cdn.taboola.com/libtrc/ 		390 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20191022-13-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-ru/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fff4fe60bda732b610f29654ec2efbe62a489e71b526db88df24bb91c519c640

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
YhqAnN6cEmq91P1u0N9cpPVPx.pAlMi_
content-encoding
gzip
etag
"4f856707ca4034a3514c0b002847f3cf"
age
103
x-cache
HIT
status
200
x-amz-replication-status
PENDING
content-length
112690
x-amz-id-2
S4TYy2Ha7bAQXo6cSbvQPml0UGXXRa6nBzfmCdY1ofcyGOt1WskJOG+S+at03cPII8JGcqoqw/0=
x-served-by
cache-fra19137-FRA
last-modified
Thu, 24 Oct 2019 11:23:40 GMT
server
AmazonS3
x-timer
S1572164672.084304,VS0,VE0
date
Sun, 27 Oct 2019 08:24:32 GMT
vary
Accept-Encoding
x-amz-request-id
DBE095F3C80DB4AB
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
16
x-cache-hits
549
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-43-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 27 Oct 2019 08:24:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
902
Expires
Mon, 28 Oct 2019 08:24:32 GMT
tr5
cdn.taboola.com/libtrc/ 		3 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=preload_vA
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1572164672.085185,VS0,VE0
x-served-by
cache-fra19137-FRA
x-cache
HIT
content-type
text/html
status
200
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
pixel.gif
cdn.viglink.com/images/ 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=5.715581229077284
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:32 GMT
cf-cache-status
HIT
age
10
cf-ray
52c346309fc2cbc4-VIE
status
200
content-length
43
x-amz-id-2
pUIcNHuEITwITJAFv0zf1eMWqWeJVfzBeFeZF51cZGt5vvArCq3oVjQ/5N6crQW0Hv3Wnj02BRA=
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
8D4FAEC87454B7B3
cache-control
max-age=15, must-revalidate
accept-ranges
bytes
content-type
image/gif
pixel.gif
cdn.viglink.com/images/ 		43 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=5.715581229077284
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:32 GMT
cf-cache-status
HIT
age
10
cf-ray
52c346309fc4cbc4-VIE
status
200
content-length
43
x-amz-id-2
pUIcNHuEITwITJAFv0zf1eMWqWeJVfzBeFeZF51cZGt5vvArCq3oVjQ/5N6crQW0Hv3Wnj02BRA=
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
8D4FAEC87454B7B3
cache-control
max-age=15, must-revalidate
accept-ranges
bytes
content-type
image/gif
pubads_impl_2019102101.js
securepubads.g.doubleclick.net/gpt/ Frame C178 		156 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
sffe /
Resource Hash
f92e8b20526c2498a972696186f722cb3909f3a5f977f29d1baf13fb979a0cd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 21 Oct 2019 13:08:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
58599
x-xss-protection
0
expires
Sun, 27 Oct 2019 08:24:32 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame C178 		113 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=premiuminter.forum2x2.ru
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Oct 2019 08:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
108
x-xss-protection
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1572164672197&ns_c=UTF-8&cv=3.1e&c8=%D0%9A%D0%BE%D0%BD%D1%86%D0%B5%D0%BD%D1%82%D1%80%D0%B0%D1%82%D1%8B%20%D0%BE%D0%B3%D0%BD%...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1572164672197&ns_c=UTF-8&cv=3.1e&c8=%D0%9A%D0%BE%D0%BD%D1%86%D0%B5%D0%BD%D1%82%D1%80%D0%B0%D1%82%D1%8B%20%D0%BE%D0%B3%D0%BD...
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1572164672197&ns_c=UTF-8&cv=3.1e&c8=%D0%9A%D0%BE%D0%BD%D1%86%D0%B5%D0%BD%D1%82%D1%80%D0%B0%D1%82%D1%8B%20%D0%BE%D0%B3%D0%BD%D0%B5%D0%B2%D0%BA%D0%B8&c7=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Ff14-forum&c9=http%3A%2F%2Fxn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws%2F
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-43-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Oct 2019 08:24:32 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1572164672197&ns_c=UTF-8&cv=3.1e&c8=%D0%9A%D0%BE%D0%BD%D1%86%D0%B5%D0%BD%D1%82%D1%80%D0%B0%D1%82%D1%8B%20%D0%BE%D0%B3%D0%BD%D0%B5%D0%B2%D0%BA%D0%B8&c7=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Ff14-forum&c9=http%3A%2F%2Fxn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws%2F
Pragma
no-cache
Date
Sun, 27 Oct 2019 08:24:32 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C178 		38 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1769324451969979&correlator=850181948318726&output=ldjh&impl=fif&vrg=2019102101&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191027&iu=%2F1150267%2FEtoxicSarl_2019_728x90&sz=728x90&eri=6&cookie_enabled=1&cdm=premiuminter.forum2x2.ru&bc=31&abxe=1&lmt=1572164672&dt=1572164672262&dlt=1572164672055&idt=152&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=429&ady=283&adk=442451065&uci=oaxhb9vhnxo&ifi=1&ifk=1205863220&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Ff14-forum&top=premiuminter.forum2x2.ru&dssz=2&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=788958266.1572164672&ga_sid=1572164672&ga_hid=131113699&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
46daf375dd065fae47c27e0984c511ad1fc9d9475afe0444ce9430c7261339ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9319
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://premiuminter.forum2x2.ru
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019102101.js
securepubads.g.doubleclick.net/gpt/ Frame C178 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
sffe /
Resource Hash
5a5cf98a9348400a3005ee09e1661fa069a13371d8cd1a0c5e6c3c86cabd010f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 08:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 21 Oct 2019 13:08:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24874
x-xss-protection
0
expires
Sun, 27 Oct 2019 08:24:32 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame C178 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
amp4ads-host-v0.js
cdn.ampproject.org/rtv/211910251950120/ Frame C178 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/211910251950120/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
866c1cf254c11afbcb1689842e0eb3ed4973f7edada9f814d5e6b72cd54b9b56
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"4f5033ec350ee5da"
age
99151
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7105
x-xss-protection
0
server
sffe
date
Sat, 26 Oct 2019 04:52:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 25 Oct 2020 04:52:01 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/211910251950120/ Frame 2E05 		243 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/211910251950120/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3f3dcb6fbcf72e438ed5df49786e671cacbdae3a0983ba8d582a2c3b599d261b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"c42e2136f6d5e537"
age
99151
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
66302
x-xss-protection
0
server
sffe
date
Sat, 26 Oct 2019 04:52:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 25 Oct 2020 04:52:01 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/211910251950120/v0/ Frame 2E05 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/211910251950120/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d94dd9f1c15cb40a01fe3f987c6499414a7ef7e06e505aa1e25b067cfddd3acf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"daeb1bdb4628d1d7"
age
99151
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5382
x-xss-protection
0
server
sffe
date
Sat, 26 Oct 2019 04:52:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 25 Oct 2020 04:52:01 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/211910251950120/v0/ Frame 2E05 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/211910251950120/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fc3273fc26f62fbca7433955ffa7edec09ab0608e51c24e444c4deba63162848
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"c8e6ab4df3f1d0fd"
age
99151
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27478
x-xss-protection
0
server
sffe
date
Sat, 26 Oct 2019 04:52:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 25 Oct 2020 04:52:01 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/211910251950120/v0/ Frame 2E05 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/211910251950120/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
87ed2f2b7e6cca24345f5b11714e96b5695527dcbb27b401e938a059ae049b12
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"66ef4a2c69bc545b"
age
99151
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1417
x-xss-protection
0
server
sffe
date
Sat, 26 Oct 2019 04:52:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 25 Oct 2020 04:52:01 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/211910251950120/v0/ Frame 2E05 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/211910251950120/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
24af76725a32febb7ba698e7c6c3f1db7eae95380fc500d1d534272364b5100a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"1ee03eedfa946d39"
age
99151
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13944
x-xss-protection
0
server
sffe
date
Sat, 26 Oct 2019 04:52:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sun, 25 Oct 2020 04:52:01 GMT
truncated
/ Frame 2E05 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85d9c1f562aa9cc78832aa8f21fb347da61e4bf5d23daac054a5e9aeae9b7a11

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
18397547622332313994
tpc.googlesyndication.com/simgad/ Frame 2E05 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18397547622332313994?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qks3fI8cKXgVOo0XAwGUBxfochkNQ
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0948e4593dd200615aa32a31b247222f9c36444c6a798a4fdd7d8afb3ec098b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 19:41:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Oct 2018 12:08:16 GMT
server
sffe
age
1341755
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
22005
x-xss-protection
0
expires
Sat, 10 Oct 2020 19:41:57 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2E05 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 26 Oct 2019 19:35:35 GMT
x-content-type-options
nosniff
server
cafe
age
46137
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3041
x-xss-protection
0
expires
Sun, 27 Oct 2019 19:35:35 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2E05 		344 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 26 Oct 2019 10:35:23 GMT
x-content-type-options
nosniff
server
cafe
age
78549
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 27 Oct 2019 10:35:23 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2E05 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwcHCQFS1Xe7NEviZtgfH4bPwA4rmuvBZsoTh97EKv-EeEAEg2ZXEImCVAqABsYO89QLIAQKpAvX1ei-XYZE-4AIAqAMByAMIqgT0AU_QIDZqNYl9vQMg-i8gXfJgFVxC4DLyqjxN_sAHTAw7Qc0KQA6-uAwKLtl9dktNpgazA7dAGdFWUqtEDHJJb1VpN-7gWnHQJUUGQwVDltCrasB2BeuRDbXfywu96JOTIwutUtfbd-blrxmAvxyOxbzg2JguwnTuqkqdfLAEd_MnKJNTHIP09qdjnKqyxMJfXAask-Y_zGCbLrRrR0xBsecdINONeCZPt6Af3ATCOFAsWR2N12yQG0QpkFG3jvlapaC5qYGgdPuRhLsblcO8Ulhe4wqRvC3c90oZs4Kl59k8FFZKDbHCH9A8boHpQh3UoAfS3w_ABNrly8uVAuAEAZIFBAgEGAGSBQQIBRgEoAYCgAe3_MOKAagHjs4bqAfVyRuoB5PYG6gHugaoB9nLG6gHz8wbqAemvhvYBwHyBwQQwYAC0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00ODU4NzA0NTc5MTM2Mzk2gAoD2BMC&sigh=GNNxW6L_QdM&tpd=AGWhJms7E7GSiTYeCP0jFp7W_T7dfxPTn4rGOLvEVyWR7kPyVQ
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2E05
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/f14-forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Sun, 27 Oct 2019 08:24:32 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
246
x-xss-protection
0
ping
api.viglink.com/api/ 		335 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e0abaf039c36f7ce0d80373ad2360d542f3644626e42c55ec898cc0ada2af0bf

Request headers

Sec-Fetch-Mode
cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 27 Oct 2019 08:24:31 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://premiuminter.forum2x2.ru
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
335
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.min.js
get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/
Redirect Chain
  • https://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e
  • https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:4000:1f:287:d20a:ce1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b

Request headers

Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
ZHambxBZf8oDBVbsA2eKvhosoGHeIUKy
content-encoding
gzip
last-modified
Fri, 06 Sep 2019 22:23:21 GMT
server
AmazonS3
age
1048
date
Sun, 27 Oct 2019 08:07:04 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2
x-amz-cf-id
-5Wo7tStgNvCd7LJpUMFRkJ9UWl_adVsjS_xlY1bYa1TgK0SY9btEw==
via
1.1 281d5965f165d7acaf2c52921da12d67.cloudfront.net (CloudFront)

Redirect headers

Pragma
no-cache
Date
Sun, 27 Oct 2019 08:24:32 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location
https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e
  • https://ce.lijit.com/merge?pid=8008&3pid=15c0e0b62b85315458893606f311f867
0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=8008&3pid=15c0e0b62b85315458893606f311f867
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Oct 2019 08:24:32 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ap2ams1
Content-Type
text/html;charset=utf-8
X-Application-Context
application:prod:9080
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Oct 2019 08:24:32 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location
https://ce.lijit.com/merge?pid=8008&3pid=15c0e0b62b85315458893606f311f867
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
api.viglink.com/api/ 		42 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
58978f7130b78ae5e64005c84ef587fa535c2c0fd047dc8d8663e25cc1939279

Request headers

Sec-Fetch-Mode
cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 27 Oct 2019 08:24:32 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://premiuminter.forum2x2.ru
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
insert
api.viglink.com/api/ 		117 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/insert
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
faa4428d7e47f6ca9d587ac905cb58afc71817f7f4726b30b516aea7286619b0

Request headers

Sec-Fetch-Mode
cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 27 Oct 2019 08:24:32 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://premiuminter.forum2x2.ru
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
117
Expires
Thu, 01 Jan 1970 00:00:00 GMT
optimize
api.viglink.com/api/ 		986 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/optimize
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af

Request headers

Sec-Fetch-Mode
cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 27 Oct 2019 08:24:32 GMT
Server
Apache-Coyote/1.1
Content-Language
en
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://premiuminter.forum2x2.ru
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html;charset=utf-8
Content-Length
986
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		23 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:b800:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

Sec-Fetch-Mode
cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 27 Oct 2019 07:25:53 GMT
via
1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront), 1.1 7922e01ab53e8f36477272573223ab35.cloudfront.net (CloudFront)
age
2192
x-amzn-requestid
811610fc-4fc5-4c59-be95-d408d9867c9f
status
200
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2, FRA50
x-amz-apigw-id
CNf0LFg7SK4FayA=
content-length
23
x-amz-cf-id
9T9Iq1czou22UdfLmPGT9KL4MxIkCxLUGCtB1963kDmmaL94NTnGkA==
beacon.min.js
beacon.s-onetag.com/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:7e00:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
dQ2IPgbwW_sArXQW0CBb3eN5W57SqoQ0
content-encoding
gzip
last-modified
Thu, 04 Apr 2019 09:35:05 GMT
server
AmazonS3
age
1895
date
Sun, 27 Oct 2019 07:52:58 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
sKPuqmf42ekj9kIN0nhHBpO8uH5hr16CtlSrDnwOGDV7cHtO2AGimg==
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
activeview
pagead2.googlesyndication.com/pcs/ Frame 2E05 		42 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmJN4m39IXaY9F6EfEAt048ZgRgBRuT1pNq_XJ9JiURhnf-yb-yjtBqfq5Xymh-pgMGOxAd1HT6EHHuk-7TWXcnlAsKj3ZI1DMMeVUfHcMtC_5vlRPDdClsawx3Q&sai=AMfl-YRYs4ZtqKTSH8I2ff31eCgBF7oQpNd-dj_-7yHvqSh7lqgBvFnMDw_dANr1-V1HGCvqRP_GLtgzKhs2tsfbxyXkzjqnAtfuoNnE-dIX5fAqDidCZARtv3wR6Ks&sig=Cg0ArKJSzGKAO5jGAneEEAE&cid=CAASF-RoPkFzzBEBZr4SkmWDUvKS7pukwjAI&id=ampim&o=0,91&d=728,90&ss=1600,1200&bs=728,90&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=65&tls=1065&g=100&h=100&pt=163&tt=1065&rpt=163&rst=1572164672498&r=v&adk=442451065&avms=ampa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://premiuminter.forum2x2.ru/f14-forum
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Oct 2019 08:24:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

279 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery boolean| imageTag boolean| theSelection string| clientPC number| clientVer boolean| is_ie boolean| is_nav number| is_moz boolean| is_win boolean| is_mac object| selectId function| helpline function| getarraysize function| arraypush function| arraypop function| checkForm function| emoticon function| emoticonp function| emoticonw function| constructBBcode function| BBcodeVideo function| bbfontstyle function| bbstyle function| FindXY function| selectWysiwyg function| mozWrap function| storeCaret object| html string| document_dir object| item string| mouse_y string| mouse_x function| get_mouseX function| get_mouseY function| get_mouse_pos function| showhide function| insert_search_menu function| insert_search_menu_new function| insert_plus_menu function| insert_plus_menu_new function| insert_plus_album function| insert_plus_album_new function| insert_plus_pic function| insert_plus_pic_new function| link_bbcode function| ShowHideLayer function| ShowHideMenu function| expandLayer function| fa_endpage function| hdr_ref function| hdr_expand function| hdr_contract function| hdr_toggle function| select_switch_col function| disabled1 function| disabled2 string| agt undefined| originalFirstChild function| createTitle function| destroyTitle function| my_getcookie function| my_setcookie function| writeCookie function| expandAllLayer function| check function| checkBySel function| refresh_username function| refresh_username_new function| timestamp function| insertChatBox function| insertChatBoxNew function| insertChatBoxPopup function| showMenu function| action_user function| hideMenu function| js_urlencode function| ajax_refresh_chatbox function| ajax_submit_chatbox function| ajax_refresh_chatterlist function| insert_chatboxsmilie function| change_display_by_icon function| switchuploadaddress function| do_mark function| checkreport function| insert_smilie function| unban_user function| checkmodcp function| check_rotation_radiobuttons function| select_switch_search function| verify_select function| select_switch_line function| select_switch_privmsg function| GetParam function| google_afs_request_done function| set_solved function| bbstyle_table function| display_upload_servimg function| display_upload_imageshack function| onMessage object| gw_window object| gw_style number| offsetx number| offsety number| curX number| curY number| distX number| distY string| obj_ietruebody function| gws_show undefined| elem undefined| divHeight undefined| mouseX undefined| mouseY function| returnNumber function| resizeElement function| resize function| stopResize function| update_dst function| ajax_exec function| div_marquee function| togglePostMultiQuote function| initPostMultiQuote function| initSetFunction function| runLogInPopUp function| privmsg_add_username function| resize_images function| FM_widget_share object| FA function| SystemPoint string| b_help string| i_help string| u_help string| q_help string| c_help string| l_help string| o_help string| p_help string| w_help string| a_help string| s_help string| f_help string| k_help string| e_help string| r_help string| j_help string| v_help string| m_help string| d_help string| t_help string| g_help string| x_help string| y_help string| z_help string| h_help string| sp_help string| wo_help string| ft_help string| jt_help string| sub_help string| sup_help string| tab_help string| hr_help string| fl_help string| vd_help string| _help object| bbcode object| bbtags function| initCategories function| toggleCategory function| togglePopUpMenu function| toggleDiv function| togglePoll function| getElementsByClassName function| initProfilePopUps boolean| openedPopUp object| criteo_pubtag object| Criteo object| google_tag_manager object| dataLayer object| _toolbar function| _manageStateAndCSS function| _moveUp function| _moveDown function| _onResize function| _delItem function| _addItem function| _readItem function| refresh function| _setConfig function| compileNotif object| Toolbar function| gtag function| setScreen number| width boolean| isMobile object| CriteoAdUnits function| CriteoAdblock object| _userdata object| _lang object| _board string| GoogleAnalyticsObject function| ga object| _taboola object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| AT_adFillSlot function| vglnk string| cname number| cpos object| jQuery172047109151665564775 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha object| TRC object| _tblConsole undefined| msg object| _comscore boolean| __v5k function| vl_cB function| vl_disable function| vglnk_15721646720896 number| compteur object| tiButtons string| tiClass function| useQuerySelector undefined| div undefined| span undefined| result undefined| currentElement undefined| elementClass function| _replaceElement function| topicit_action function| isInt function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcPurgeEventHandlers function| __trcJSONify function| __trcUnJSONify function| __trcGetMargins function| __trcAttachResize function| __trcDetachResize function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam object| params number| trc_debug_level string| trc_article_id object| TRCImpl function| udm_ object| ns_p object| COMSCORE object| google_reactive_ads_global_state object| cookies number| j object| cookie object| divs undefined| vglnk_15721646726007 undefined| vglnk_157216467274310 undefined| vglnk_157216467274611 function| vglnk_157216467281312 string| state object| __onetag object| __connect

5 Cookies

Domain/Path Name / Value
.forum2x2.ru/ Name: _gid
Value: GA1.2.1635378150.1572164672
.forum2x2.ru/ Name: _ga
Value: GA1.2.788958266.1572164672
premiuminter.forum2x2.ru/ Name: toolbar_state
Value: fa_show
.forum2x2.ru/ Name: _gat_gtag_UA_144347007_1
Value: 1
.premiuminter.forum2x2.ru/ Name: _fa-screen
Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D

3 Console Messages

Source Level URL
Text
console-api log URL: https://premiuminter.forum2x2.ru/f14-forum(Line 21)
Message:
{"w":1600,"h":1200}
console-api log URL: https://premiuminter.forum2x2.ru/f14-forum(Line 185)
Message:
Failed to register service worker.
console-api info URL: https://cdn.ampproject.org/rtv/211910251950120/amp4ads-v0.js(Line 508)
Message:
Powered by AMP ⚡ HTML – Version 1910251950120 https://premiuminter.forum2x2.ru/f14-forum

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2img.net
adservice.google.de
ajax.googleapis.com
api.viglink.com
beacon.s-onetag.com
bidder.criteo.com
cdn.ampproject.org
cdn.taboola.com
cdn.viglink.com
ce.lijit.com
connect.topicit.net
fonts.googleapis.com
get.s-onetag.com
googleads.g.doubleclick.net
illiweb.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
premiuminter.forum2x2.ru
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
xn--y8h4359n3ca0ngovfla68f.xn--vi8hiv.ws
151.101.14.2
172.217.22.98
178.250.0.130
178.250.0.165
178.33.43.150
2.19.43.224
2600:9000:200c:4000:1f:287:d20a:ce1
2600:9000:200d:b800:5:ae3a:ba00:93a1
2600:9000:20eb:7e00:5:9a4c:9b00:93a1
2606:4700:30::6812:3fe8
2606:4700:30::681b:8de7
2606:4700::6810:a40d
2606:4700:e2::ac40:8b18
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:800::200a
2a00:1450:4001:806::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:819::2008
2a00:1450:4001:81b::2004
2a00:1450:4001:820::2003
2a00:1450:4001:824::2002
2a00:1450:4001:824::200e
2a00:1450:4001:825::2002
2a00:1450:400c:c00::9c
45.55.119.71
72.251.249.13
99.80.15.126
02b19a10a5df4a20ae2c593bee9200beb757f240eb3fd24697ae6a11f35f1041
06f2b47a2e8017f8387d34806efc5c3643954171cc9cb38e4b1f583a42aaeaa1
075cc698968c8fabdc079e0f5a8bf11ed379ddb445d0d7caa5085cf67ff12b57
0943e4e2eeac86fd0e78baddcc7ce43b10fdb3f9aca0a88f4ff0049e3dbfc27c
0948e4593dd200615aa32a31b247222f9c36444c6a798a4fdd7d8afb3ec098b6
0a2ae16febb6218317adbc00cf3a640256fcfd7f84c5ce3f612df78695739869
0d6367f4a024d477f1ed6215569807f071899d7ce2bb540e1c2542dd331dfddb
103ad0110d3ac99d923b4063b549b0c617b381aa3526475b5624f80d5b44c03a
16bd0b41944c9e99eb13a384cc608888ba4fbed6cb9232136d5491affee57435
20fcc910fde5ccd7b0e724675990bd12ff9e1b5f6fb3a84c34949ed8cea57cdb
24af76725a32febb7ba698e7c6c3f1db7eae95380fc500d1d534272364b5100a
28f1c6e9954b02a2205db2f1e0325c3dfe28181ae531f19f30924ee9e289606b
2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9
3560b138c51e4bab6fa89cf17a66d91a365f71e468e7abca4cfa08b0cba7c9b3
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
3c5cdab1a6e2977d6c195318d92bf67f8bd340afd9874feb1cab9f62c948ced4
3f3dcb6fbcf72e438ed5df49786e671cacbdae3a0983ba8d582a2c3b599d261b
4030d87bf826eee47061702a2cb9b998b55e0ba4305f68ff98e988b7cda63a5a
4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af
4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b
46daf375dd065fae47c27e0984c511ad1fc9d9475afe0444ce9430c7261339ae
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
51701ee345cca78ef3824a86e238cd728a8f4d665d35f0e322e433a44bf42ccc
53b50d936fbd0379b43181e53561a665a21e6ea1d1fd50a08b8eeaa0fee06906
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
56afc6a63fa0f0ab9bc9fcd3540807ac1096124e3b91ca8aea1cd27d0aa80ded
58978f7130b78ae5e64005c84ef587fa535c2c0fd047dc8d8663e25cc1939279
5a5cf98a9348400a3005ee09e1661fa069a13371d8cd1a0c5e6c3c86cabd010f
662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9
68e6860418db02970d06063f13acba5a706d75d397c8c6415e8f4aefd0f93cec
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
72546c4f3020b0f3c54144db851b118c5812fbcb2d4b7da456901cf232658cc5
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313
85d9c1f562aa9cc78832aa8f21fb347da61e4bf5d23daac054a5e9aeae9b7a11
866c1cf254c11afbcb1689842e0eb3ed4973f7edada9f814d5e6b72cd54b9b56
87ed2f2b7e6cca24345f5b11714e96b5695527dcbb27b401e938a059ae049b12
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1643221939f467f11fc819ed72b30151109e8af0a1a372b2bf4962ce019de78
b604645aa60dc4db9af6c128efb3eaa6472460b5e4a80dd534c5be9ae21db37b
bc5efe0814deaf9314fcd65d6c9d924ea008d2637945fae0acc3860c45deb1e3
c1b0a91fd6eb5029cabacc3c14c13144f97a64d3b261082bd78bd95c71a86d49
c234797593a57911e9345d6f822918656e7dba4a3c9a910b7eb8c9e837c53c2c
c6ee24efd0a46e4fccf86a6f23cbc7c71925ba904787eddc4c90297243896465
c95dddd28e3bff35991847b575a1607a130e1090673a1b7db9c0ad971606048f
d94dd9f1c15cb40a01fe3f987c6499414a7ef7e06e505aa1e25b067cfddd3acf
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e0abaf039c36f7ce0d80373ad2360d542f3644626e42c55ec898cc0ada2af0bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74d7515e60961e50b27ca8cd1f1fbdcd9e13e681d6a30a895742319ad8b2899
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5b862705def8b10b9a2f6e2d285ace98b47d499942ad23d492820a6a04341dc
f61aed68a62aec1a37148f074983923957446ca198df90ccdeb7ddebdf1dff9b
f92e8b20526c2498a972696186f722cb3909f3a5f977f29d1baf13fb979a0cd6
faa4428d7e47f6ca9d587ac905cb58afc71817f7f4726b30b516aea7286619b0
fc3273fc26f62fbca7433955ffa7edec09ab0608e51c24e444c4deba63162848
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
fff4fe60bda732b610f29654ec2efbe62a489e71b526db88df24bb91c519c640