ad-file.com Open in urlscan Pro
2400:cb00:2048:1::681b:a8e5 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ad-file.com/855ThtlHw/
Submission: On February 08 via automatic, source phishtank (February 8th 2017, 8:37:40 pm UTC)

Summary HTTP 43 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 17 domains to perform 43 HTTP transactions. The main IP is 2400:cb00:2048:1::681b:a8e5, located in United States and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is ad-file.com.

This is the only time ad-file.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2400:cb00:204... 2400:cb00:2048:1::681b:a8e5	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	209.239.120.72 209.239.120.72	30083 (SERVER4YOU) (SERVER4YOU - server4you Inc.)
1	104.197.19.30 104.197.19.30	15169 (GOOGLE) (GOOGLE - Google Inc.)
3	2a00:1450:400... 2a00:1450:400e:805::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	88.212.201.197 88.212.201.197	39134 (UNITEDNET ) (UNITEDNET )
4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX ) (YANDEX )
1	2a00:1450:401... 2a00:1450:4013:c05::9d	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	192.229.133.177 192.229.133.177	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	139.162.151.130 139.162.151.130	63949 (LINODE-AP...) (LINODE-AP Linode)
1	109.248.237.35 109.248.237.35	201009 (SUPPORTIT...) (SUPPORTIT-AS )
9	109.248.237.36 109.248.237.36	201009 (SUPPORTIT...) (SUPPORTIT-AS )
1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT...) (SUPPORTIT-AS )
1	195.209.111.4 195.209.111.4	52007 (ADRIVER-AS ) (ADRIVER-AS )
1	78.140.184.98 78.140.184.98	35415 (WEBZILLA ) (WEBZILLA )
43	15

13 2400:cb00:2048:1::681b:a8e5 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

ad-file.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.239.120.72 (Saint Louis, United States)

ASN30083 (SERVER4YOU - server4you Inc., US)
PTR: usloft1570.startdedicated.net

igronas.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.197.19.30 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: 30.19.197.104.bc.googleusercontent.com

www.pureadexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:805::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.197 (Russian Federation)

ASN39134 (UNITEDNET , RU)
PTR: host197.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Russian Federation)

ASN13238 (YANDEX , RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4013:c05::9d (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.133.177 (Santa Monica, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

www.bnhtml.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.151.130 (Frankfurt, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: reformal.ru

media.reformal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.35 (Cheboksary, Russian Federation)

ASN201009 (SUPPORTIT-AS , RU)

c.luxup.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 109.248.237.36 (Cheboksary, Russian Federation)

ASN201009 (SUPPORTIT-AS , RU)

luxup2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gmp.luxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Cheboksary, Russian Federation)

ASN201009 (SUPPORTIT-AS , RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.111.4 (Russian Federation)

ASN52007 (ADRIVER-AS , RU)

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.140.184.98 (Netherlands)

ASN35415 (WEBZILLA , NL)

madnetex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	ad-file.com ad-file.com	510 KB
7	adlabs.ru stat.adlabs.ru	596 B
4	yandex.ru mc.yandex.ru	27 KB
3	google-analytics.com www.google-analytics.com	11 KB
2	luxup2.ru luxup2.ru	684 B
1	madnetex.com madnetex.com	159 B
1	adriver.ru ssp.adriver.ru	53 B
1	luxcdn.com gmp.luxcdn.com	43 B
1	luxup.ru c.luxup.ru	22 KB
1	reformal.ru media.reformal.ru	5 KB
1	bnhtml.com www.bnhtml.com	3 KB
1	doubleclick.net stats.g.doubleclick.net	44 B
1	yadro.ru counter.yadro.ru	43 B
1	pureadexchange.com www.pureadexchange.com	2 KB
1	igronas.ru igronas.ru
0	contextlab.ru Failed contextlab.ru Failed
0	urldelivery.com Failed www.urldelivery.com Failed
43	17

	Domain	Requested by
13	ad-file.com	ad-file.com
7	stat.adlabs.ru	c.luxup.ru ad-file.com
4	mc.yandex.ru	ad-file.com
3	www.google-analytics.com	ad-file.com
2	luxup2.ru	c.luxup.ru
1	madnetex.com	ad-file.com
1	ssp.adriver.ru	ad-file.com
1	gmp.luxcdn.com	ad-file.com
1	c.luxup.ru	ad-file.com
1	media.reformal.ru	ad-file.com
1	www.bnhtml.com	ad-file.com
1	stats.g.doubleclick.net	ad-file.com
1	counter.yadro.ru	ad-file.com
1	www.pureadexchange.com	ad-file.com www.pureadexchange.com
1	igronas.ru	ad-file.com
0	contextlab.ru Failed	ad-file.com
0	www.urldelivery.com Failed	www.bnhtml.com
43	17

This site contains links to these domains. Also see Links.

Domain
realisticgroup.com

Subject Issuer	Validity	Valid
*.google-analytics.com Google Internet Authority G2	`2017-01-25` - `2017-04-19`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2015-12-16` - `2017-12-15`	2 years	crt.sh
*.g.doubleclick.net Google Internet Authority G2	`2017-01-25` - `2017-04-19`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://ad-file.com/855ThtlHw/
Frame ID: 11211.1
Requests: 40 HTTP requests in this frame

Frame: http://www.pureadexchange.com/a/display.php?r=1347547&treqn=876452791&runauction=1&crr=65cccd3e2dac19b0dea7HMHZ2kQL1kSF0RXeHMHZs4iIvRSLocCblAyBzR2BzRGAyRWM1UTK5de4672c9e79104d5f5b&rtid=589b818a977fd&cbrandom=0.575742240976064&cbtitle=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%20file%20sharing&cbiframe=0&cbWidth=1598&cbHeight=1132&cbdescription=Paypal%20Checker.php.%20download%20Paypal%20Checker.php.%20Fast%20and%20free%20download%20from%20rghost&cbkeywords=Paypal%20Checker.php%2C%20download%20Paypal%20Checker.php%2C%20Paypal%2C%20Checker%2C%20php%2C%20download%20Paypal%20Checker.php%2C%20rghost
Frame ID: 11211.3
Requests: 1 HTTP requests in this frame

Frame: http://www.urldelivery.com/watch.1249478743422?key=629a22b0df2663b0b1e5ee37c1c2377e&kw=%5B%22paypal%22%2C%22checker%22%2C%22php%22%2C%22%E2%80%94%22%2C%22rghost%22%2C%22%E2%80%94%22%2C%22file%22%2C%22sharing%22%5D&refer=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&tz=0
Frame ID: 11211.4
Requests: 1 HTTP requests in this frame

Frame: http://www.urldelivery.com/watch.1021162411605?key=629a22b0df2663b0b1e5ee37c1c2377e&kw=%5B%22paypal%22%2C%22checker%22%2C%22php%22%2C%22%E2%80%94%22%2C%22rghost%22%2C%22%E2%80%94%22%2C%22file%22%2C%22sharing%22%5D&refer=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&tz=0
Frame ID: 11211.5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

43
Requests

19 %
HTTPS

29 %
IPv6

17
Domains

17
Subdomains

15
IPs

5
Countries

581 kB
Transfer

1560 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://realisticgroup.com/
Title: Realistic Group

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 7

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

Request 8

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//ad-file.com/855ThtlHw/;0.5536571758368376
http://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//ad-file.com/855ThtlHw/;0.5536571758368376

Request 11

http://www.google-analytics.com/collect?v=1&_v=j47&a=1521669304&t=pageview&_s=1&dl=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94...
https://www.google-analytics.com/collect?v=1&_v=j47&a=1521669304&t=pageview&_s=1&dl=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%9...

Request 13

http://www.google-analytics.com/collect?v=1&_v=j47&a=1521669304&t=event&_s=2&dl=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%20...
https://www.google-analytics.com/collect?v=1&_v=j47&a=1521669304&t=event&_s=2&dl=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%2...

Request 14

https://mc.yandex.ru/watch/37151970?wmode=5&callback=_ymjsp852087296&page-url=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&browser-info=s%3A1600x1200x24%3Ask%3A1%3Af%3A24.0.0%3Afpr%3A383088170701%3Acn%3...
https://mc.yandex.ru/watch/37151970/1?wmode=5&callback=_ymjsp852087296&page-url=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&browser-info=s%3A1600x1200x24%3Ask%3A1%3Af%3A24.0.0%3Afpr%3A383088170701%3Acn...

Request 31

http://cm.g.doubleclick.net/pixel?google_nid=albs&google_cm=&psid=6384840964723123169&google_hm=NjM4NDg0MDk2NDcyMzEyMzE2OQ&_lxrnd_=625174429&google_tc=
http://gmp.luxcdn.com/tr/?psid=6384840964723123169&_lxrnd_=625174429&google_gid=CAESEEY479NikfhUq16Ikh-RU20&google_cver=1

Request 32

http://track.recreativ.ru/mtch.php?nid=6&psid=6384840964723123169&_lxrnd_=625174414
http://stat.adlabs.ru/merge_gpsid/?sid=8&id=22115721608

Request 33

http://dumedia.ad.admitad.com/uid/sync/admitad?uid=s16d9esb7kwaosso&url=http%3A%2F%2Fstat.adlabs.ru%2Fmerge_gpsid%2F%3Fsid%3D10%26id%3Ds16d9esb7kwaosso
http://stat.adlabs.ru/merge_gpsid/?sid=10&id=s16d9esb7kwaosso

Request 35

http://sync.madnet.ru/image?source=adlabs&return_url=http%3A%2F%2Fstat.adlabs.ru%2Fmerge_gpsid%2F%3Fsid%3D14%26id%3D%7BUID%7D&id=6384840964723123169&_lxrnd_=625174442
http://madnetex.com/pixel/pix.png

Request 36

http://s.uuidksinc.net/match/33/6384840964723123169&_lxrnd_=625174479
http://stat.adlabs.ru/merge_gpsid/?sid=21&id=y0yDggrqkp84qyXQNmVf

Request 38

http://recreativ.ru/mtch/19/6384840964723123169&_lxrnd_=625174480
http://stat.adlabs.ru/merge_gpsid/?sid=29&id=22115721609

Request 39

http://adlabs-sync.rutarget.ru/sync?lx_psid=6384840964723123169&_lxrnd_=625174447
http://stat.adlabs.ru/merge_gpsid/?sid=35&id=m6P7aRoepfiB

Request 40

http://sync-eu.exe.bid/image?source=adlabs&return_url=%2F%2Fstat.adlabs.ru%2Fmerge_gpsid%2F%3Fsid%3D38%26id%3D%7BUID%7D&id=6384840964723123169&_lxrnd_=625174435&session_tpt=eyJoZWFkZXJzIjp7InJlZmVy...
http://stat.adlabs.ru/merge_gpsid/?sid=38&id=51bb88dc-d175-4342-acb0-65cbe4e98867

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
ad-file.com/855ThtlHw/ 34 KB
8 KB 214ms
162ms Document
text/html 2400:cb00:2048:1::681b:a8e5
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

http://ad-file.com/855ThtlHw/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:a8e5 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

103e46f3c13d4b2374d582b97c1e6adc449123d232ff0073693ebfc2fdf4c1b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: ad-file.com
Accept-Language: en-US,en;q=0.8
Cache-Control: no-cache
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Connection: keep-alive
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Encoding: gzip
Connection: keep-alive
Date: Wed, 08 Feb 2017 20:37:30 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: W/"b1750feed91ae4068cf6e24c369a33e3"
Cache-Control: max-age=0, private, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: cloudflare-nginx
X-Frame-Options: DENY
Set-Cookie: __cfduid=d35fbdb34e5bd6bb436f8e0b9b502d4d11486586250; expires=Thu, 08-Feb-18 20:37:30 GMT; path=/; domain=.ad-file.com; HttpOnly _rghost_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTE3ODE1ZDBlMjdjMTQ2ZmRiODY3MDQ1NGU0MDI3N2VjBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTNnK3RIMXArbWp0QWdmR2EyODZYZjFNbml2VVlZSDRzRUF1QmkxZmxVc2c9BjsARg%3D%3D--9d60bf780136d65f5ed691eb797e73746b366ccd; domain=.ad-file.com; path=/; HttpOnly; SameSite=Strict
CF-RAY: 32e1e13f34cb63eb-FRA
Transfer-Encoding: chunked
Status: 200 OK
X-UA-Compatible: IE=Edge,chrome=1
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK application-8ba5fba9b52782d68b5a08d6eacdc2b2.css
ad-file.com/assets/ 606 KB
54 KB 13ms
12ms Stylesheet
text/css 2400:cb00:2048:1::681b:a8e5
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://ad-file.com/assets/application-8ba5fba9b52782d68b5a08d6eacdc2b2.css
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681b:a8e5 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 63ca3d79e98ca0b0755a9f9d5b2aaeb1261082541001742f19080315b452e888

Request headers

Pragma: no-cache
Host: ad-file.com
Cookie: __cfduid=d35fbdb34e5bd6bb436f8e0b9b502d4d11486586250; _rghost_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTE3ODE1ZDBlMjdjMTQ2ZmRiODY3MDQ1NGU0MDI3N2VjBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTNnK3RIMXArbWp0QWdmR2EyODZYZjFNbml2VVlZSDRzRUF1QmkxZmxVc2c9BjsARg%3D%3D--9d60bf780136d65f5ed691eb797e73746b366ccd
Cache-Control: no-cache
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://ad-file.com/855ThtlHw/
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/

Response headers

ETag: "582daa26-d7f4"
Vary: Accept-Encoding
Content-Type: text/css
CF-RAY: 32e1e140457063eb-FRA
Expires: Sat, 06 Feb 2027 20:37:30 GMT
Date: Wed, 08 Feb 2017 20:37:30 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Connection: keep-alive
Content-Length: 55284
Last-Modified: Thu, 17 Nov 2016 13:01:26 GMT
Server: cloudflare-nginx
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK banners_head_code-57ddb8ffdc140b63597deff9a381e13d.js Show response
ad-file.com/assets/ 983 B
580 B 16ms
9ms Script
application/x-javascript 2400:cb00:2048:1::681b:a8e5
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://ad-file.com/assets/banners_head_code-57ddb8ffdc140b63597deff9a381e13d.js
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681b:a8e5 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 1548f97e741ee74aaf783e9511f5e8b27d2709f34bbd8b96343d4810be5a7d3b

Request headers

Cookie: __cfduid=d35fbdb34e5bd6bb436f8e0b9b502d4d11486586250; _rghost_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTE3ODE1ZDBlMjdjMTQ2ZmRiODY3MDQ1NGU0MDI3N2VjBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTNnK3RIMXArbWp0QWdmR2EyODZYZjFNbml2VVlZSDRzRUF1QmkxZmxVc2c9BjsARg%3D%3D--9d60bf780136d65f5ed691eb797e73746b366ccd
Connection: keep-alive
Cache-Control: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ad-file.com
Referer: http://ad-file.com/855ThtlHw/
Accept: */*
Pragma: no-cache
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Encoding: gzip
Last-Modified: Thu, 17 Nov 2016 13:01:26 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=315360000
Connection: keep-alive
CF-RAY: 32e1e14043686433-FRA
Date: Wed, 08 Feb 2017 20:37:30 GMT
CF-Cache-Status: HIT
Server: cloudflare-nginx
ETag: "582daa26-244"
Content-Length: 580
Expires: Sat, 06 Feb 2027 20:37:30 GMT

GET
H/1.1 200
OK logo.svg
ad-file.com/ 7 KB
3 KB 8ms
7ms Image
image/svg+xml 2400:cb00:2048:1::681b:a8e5
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ad-file.com/logo.svg?v2
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681b:a8e5 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: f408e6022ec846b7628aac4adb86ece828e4d7605fad9a33bbbae14bf2202595

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ad-file.com/855ThtlHw/
Cookie: __cfduid=d35fbdb34e5bd6bb436f8e0b9b502d4d11486586250; _rghost_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTE3ODE1ZDBlMjdjMTQ2ZmRiODY3MDQ1NGU0MDI3N2VjBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTNnK3RIMXArbWp0QWdmR2EyODZYZjFNbml2VVlZSDRzRUF1QmkxZmxVc2c9BjsARg%3D%3D--9d60bf780136d65f5ed691eb797e73746b366ccd
Host: ad-file.com
Accept-Language: en-US,en;q=0.8
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Expires: Sat, 06 Feb 2027 20:37:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 17 Nov 2016 13:01:26 GMT
Content-Type: image/svg+xml
Connection: keep-alive
Cache-Control: public, max-age=315360000
CF-RAY: 32e1e14083956433-FRA
Date: Wed, 08 Feb 2017 20:37:30 GMT
CF-Cache-Status: HIT
Server: cloudflare-nginx
ETag: W/"582daa26-1c6f"
Transfer-Encoding: chunked

GET
H/1.1 404
Not Found 6p8ppv0qau353undd457x26h40hbc3qz770wguaxwb307p7tq141gka76if9hcest34m999843
igronas.ru/ 0
0 351ms
126ms Script
text/html 209.239.120.72
server4you Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://igronas.ru/6p8ppv0qau353undd457x26h40hbc3qz770wguaxwb307p7tq141gka76if9hcest34m999843?6h15nhg4=7e53
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 209.239.120.72 Saint Louis, United States, ASN30083 (SERVER4YOU - server4you Inc., US),
Reverse DNS: usloft1570.startdedicated.net
Software: lighttpd/1.4.33 /
Resource Hash

Request headers

Accept: */*
Referer: http://ad-file.com/855ThtlHw/
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Host: igronas.ru
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Length: 345
Content-Type: text/html
Date: Wed, 08 Feb 2017 20:37:30 GMT
Server: lighttpd/1.4.33
Connection: close

GET
H/1.1 200
OK display.php Show response
www.pureadexchange.com/a/ 5 KB
2 KB 360ms
127ms Script
application/javascript 104.197.19.30
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://www.pureadexchange.com/a/display.php?r=1347547
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 104.197.19.30 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS: 30.19.197.104.bc.googleusercontent.com
Software: openresty /
Resource Hash: 73a005a418b50e82885402d05aabaa67f3726eaa306a268f3a2ad5c2417cc422

Request headers

Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://ad-file.com/855ThtlHw/
Accept-Language: en-US,en;q=0.8
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.pureadexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/

Response headers

Connection: keep-alive
Vary: Accept-Encoding
Date: Wed, 08 Feb 2017 20:37:30 GMT
Content-Encoding: gzip
Referrer-Policy: "no-referrer"
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK reload-b2642997a0bc548d39b153ec7400c285.gif
ad-file.com/assets/ 24 KB
24 KB 18ms
12ms Image
image/gif 2400:cb00:2048:1::681b:a8e5
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ad-file.com/assets/reload-b2642997a0bc548d39b153ec7400c285.gif
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681b:a8e5 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 22801a33062992783f79ed3668214ba9f2fea1d6894e70fccd072a1272ea1f12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Connection: keep-alive
Cache-Control: no-cache
Host: ad-file.com
Accept-Language: en-US,en;q=0.8
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ad-file.com/855ThtlHw/
Cookie: __cfduid=d35fbdb34e5bd6bb436f8e0b9b502d4d11486586250; _rghost_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTE3ODE1ZDBlMjdjMTQ2ZmRiODY3MDQ1NGU0MDI3N2VjBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTNnK3RIMXArbWp0QWdmR2EyODZYZjFNbml2VVlZSDRzRUF1QmkxZmxVc2c9BjsARg%3D%3D--9d60bf780136d65f5ed691eb797e73746b366ccd
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Cache-Control: public, max-age=315360000
CF-Cache-Status: HIT
Last-Modified: Thu, 17 Nov 2016 13:01:26 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: image/gif
Content-Length: 24658
Expires: Sat, 06 Feb 2027 20:37:30 GMT
Date: Wed, 08 Feb 2017 20:37:30 GMT
ETag: "582daa26-6052"
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 32e1e14095366505-FRA

GET
H/1.1 200
OK application-83cdd13b13d0e3dc9153db713f170947.js Show response
ad-file.com/assets/ 394 KB
110 KB 30ms
29ms Script
application/x-javascript 2400:cb00:2048:1::681b:a8e5
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://ad-file.com/assets/application-83cdd13b13d0e3dc9153db713f170947.js
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681b:a8e5 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: a038a127d69614e36ff29738fd7607a4bed976995f15e6cb028e1b4fbe48a37e

Request headers

Accept-Language: en-US,en;q=0.8
Accept: */*
Cookie: __cfduid=d35fbdb34e5bd6bb436f8e0b9b502d4d11486586250; _rghost_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTE3ODE1ZDBlMjdjMTQ2ZmRiODY3MDQ1NGU0MDI3N2VjBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTNnK3RIMXArbWp0QWdmR2EyODZYZjFNbml2VVlZSDRzRUF1QmkxZmxVc2c9BjsARg%3D%3D--9d60bf780136d65f5ed691eb797e73746b366ccd
Cache-Control: no-cache
Pragma: no-cache
Host: ad-file.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
Connection: keep-alive
Accept-Encoding: gzip, deflate, sdch
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Vary: Accept-Encoding
Cache-Control: public, max-age=315360000
Connection: keep-alive
Date: Wed, 08 Feb 2017 20:37:30 GMT
CF-Cache-Status: HIT
Last-Modified: Thu, 17 Nov 2016 13:01:26 GMT
Server: cloudflare-nginx
ETag: "582daa26-1b7b6"
CF-RAY: 32e1e14085a363eb-FRA
Content-Length: 112566
Content-Encoding: gzip
Content-Type: application/x-javascript
Expires: Sat, 06 Feb 2027 20:37:30 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

27 KB
11 KB

40ms
12ms

Script
text/javascript

2a00:1450:400e:805::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:400e:805::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3ce672632d9ccd249014dc1bb913f7fa26ad5758fe180671e5cfb90b0f8a55d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: */*
:authority: www.google-analytics.com
:scheme: https
:method: GET
:path: /analytics.js
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
cache-control: no-cache
referer: http://ad-file.com/855ThtlHw/
pragma: no-cache
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

last-modified: Wed, 28 Sep 2016 20:19:01 GMT
server: Golfe2
date: Wed, 08 Feb 2017 19:18:53 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
age: 4717
expires: Wed, 08 Feb 2017 21:18:53 GMT
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
content-encoding: gzip
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="35,34"
content-length: 11590

Redirect headers

Non-Authoritative-Reason: HSTS
Location: https://www.google-analytics.com/analytics.js

GET
H/1.1

200
OK

Cookie set hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//ad-file.com/855ThtlHw/;0.5536571758368376
http://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//ad-file.com/855ThtlHw/;0.5536571758368376

43 B
43 B

55ms
54ms

Image
image/gif

88.212.201.197
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//ad-file.com/855ThtlHw/;0.5536571758368376
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 88.212.201.197 , Russian Federation, ASN39134 (UNITEDNET , RU),
Reverse DNS: host197.rax.ru
Software: 0W/0.8c /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Cache-Control: no-cache
Pragma: no-cache
Host: counter.yadro.ru
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
Cookie: FTID=1Ocu6A04bXvY1Ocu6A00HCtP
Connection: keep-alive
Accept-Encoding: gzip, deflate, sdch
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 08 Feb 2017 20:37:30 GMT
Cache-control: no-cache
Content-Length: 43
Content-Type: image/gif
Set-Cookie: VID=1lN3jl34b89Y1Ocu6A00HCtn; path=/; expires=Wed, 07 Feb 2018 21:00:00 GMT; domain=.yadro.ru
Expires: Mon, 08 Feb 2016 21:00:00 GMT
Pragma: no-cache
Server: 0W/0.8c
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Connection: Close

Redirect headers

Date: Wed, 08 Feb 2017 20:37:30 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: http://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//ad-file.com/855ThtlHw/;0.5536571758368376
Cache-control: no-cache
Set-Cookie: FTID=1Ocu6A04bXvY1Ocu6A00HCtP; path=/; expires=Wed, 07 Feb 2018 21:00:00 GMT; domain=.yadro.ru
Content-Length: 32
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Expires: Mon, 08 Feb 2016 21:00:00 GMT

GET
H/1.1 200
OK watch.js Show response
mc.yandex.ru/metrika/ 74 KB
26 KB 167ms
83ms Script
application/x-javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX , RU),

Reverse DNS

Software

nginx/1.8.1 /

Resource Hash

abf32d4a74c945b6eaa866188df11d764d6e5818f83f3e7e549fc88c70e200e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://ad-file.com/855ThtlHw/
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: en-US,en;q=0.8
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 08 Feb 2017 20:37:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2017 07:08:18 GMT
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Content-Length: 27060
Server: nginx/1.8.1
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Connection: keep-alive
Expires: Wed, 08 Feb 2017 21:37:30 GMT

GET
H/1.1 200
OK /
ad-file.com/855ThtlHw/ 2 KB
715 B 240ms
240ms Image
text/html 2400:cb00:2048:1::681b:a8e5
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ad-file.com/855ThtlHw/

Requested by

Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:a8e5 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ad-file.com/855ThtlHw/
Connection: keep-alive
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ad-file.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept-Language: en-US,en;q=0.8
Cookie: __cfduid=d35fbdb34e5bd6bb436f8e0b9b502d4d11486586250; _rghost_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTE3ODE1ZDBlMjdjMTQ2ZmRiODY3MDQ1NGU0MDI3N2VjBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTNnK3RIMXArbWp0QWdmR2EyODZYZjFNbml2VVlZSDRzRUF1QmkxZmxVc2c9BjsARg%3D%3D--9d60bf780136d65f5ed691eb797e73746b366ccd
Cache-Control: no-cache
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
X-UA-Compatible: IE=Edge,chrome=1
Date: Wed, 08 Feb 2017 20:37:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Status: 200 OK
Server: cloudflare-nginx
ETag: W/"b1750feed91ae4068cf6e24c369a33e3"
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 32e1e140a3ae6433-FRA

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j47&a=1521669304&t=pageview&_s=1&dl=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94...
https://www.google-analytics.com/collect?v=1&_v=j47&a=1521669304&t=pageview&_s=1&dl=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%9...

35 B
44 B

12ms
12ms

Image
image/gif

2a00:1450:400e:805::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j47&a=1521669304&t=pageview&_s=1&dl=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%20file%20sharing&sd=24-bit&sr=1600x1200&vp=1598x1132&je=0&fl=24.0%20r0&_u=AGAAgEAB~&jid=1002676647&cid=1974289228.1486586250&tid=UA-15644263-1&z=420778294

Requested by

Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:400e:805::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
:authority: www.google-analytics.com
:scheme: https
:path: /collect?v=1&_v=j47&a=1521669304&t=pageview&_s=1&dl=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%20file%20sharing&sd=24-bit&sr=1600x1200&vp=1598x1132&je=0&fl=24.0%20r0&_u=AGAAgEAB~&jid=1002676647&cid=1974289228.1486586250&tid=UA-15644263-1&z=420778294
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
cache-control: no-cache
referer: http://ad-file.com/855ThtlHw/
:method: GET
pragma: no-cache
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

pragma: no-cache
x-content-type-options: nosniff
content-type: image/gif
content-length: 35
alt-svc: quic=":443"; ma=2592000; v="35,34"
date: Mon, 06 Feb 2017 22:09:05 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 167305
status: 200
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j47&a=1521669304&t=pageview&_s=1&dl=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%20file%20sharing&sd=24-bit&sr=1600x1200&vp=1598x1132&je=0&fl=24.0%20r0&_u=AGAAgEAB~&jid=1002676647&cid=1974289228.1486586250&tid=UA-15644263-1&z=420778294
Non-Authoritative-Reason: HSTS

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
44 B 47ms
15ms Image
image/gif 2a00:1450:4013:c05::9d
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j47&tid=UA-15644263-1&cid=1974289228.1486586250&jid=1002676647&_u=AGAAgEAB~&z=1868198808

Requested by

Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4013:c05::9d , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.8
cache-control: no-cache
referer: http://ad-file.com/855ThtlHw/
:scheme: https
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept: image/webp,image/*,*/*;q=0.8
:authority: stats.g.doubleclick.net
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
:path: /r/collect?t=dc&aip=1&_r=3&v=1&_v=j47&tid=UA-15644263-1&cid=1974289228.1486586250&jid=1002676647&_u=AGAAgEAB~&z=1868198808
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/

Response headers

content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="35,34"
content-length: 35
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Feb 2017 20:37:30 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
x-content-type-options: nosniff
status: 200
access-control-allow-origin: *

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j47&a=1521669304&t=event&_s=2&dl=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%20...
https://www.google-analytics.com/collect?v=1&_v=j47&a=1521669304&t=event&_s=2&dl=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%2...

35 B
44 B

13ms
13ms

Image
image/gif

2a00:1450:400e:805::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j47&a=1521669304&t=event&_s=2&dl=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%20file%20sharing&sd=24-bit&sr=1600x1200&vp=1598x1132&je=0&fl=24.0%20r0&ec=ads_impr&ea=popunder!!!&_u=AGAAgEAB~&jid=&cid=1974289228.1486586250&tid=UA-15644263-1&z=567405812

Requested by

Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:400e:805::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google-analytics.com
:scheme: https
:method: GET
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
referer: http://ad-file.com/855ThtlHw/
:path: /collect?v=1&_v=j47&a=1521669304&t=event&_s=2&dl=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%20file%20sharing&sd=24-bit&sr=1600x1200&vp=1598x1132&je=0&fl=24.0%20r0&ec=ads_impr&ea=popunder!!!&_u=AGAAgEAB~&jid=&cid=1974289228.1486586250&tid=UA-15644263-1&z=567405812
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

pragma: no-cache
x-content-type-options: nosniff
server: Golfe2
age: 167305
status: 200
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
date: Mon, 06 Feb 2017 22:09:05 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="35,34"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j47&a=1521669304&t=event&_s=2&dl=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%20file%20sharing&sd=24-bit&sr=1600x1200&vp=1598x1132&je=0&fl=24.0%20r0&ec=ads_impr&ea=popunder!!!&_u=AGAAgEAB~&jid=&cid=1974289228.1486586250&tid=UA-15644263-1&z=567405812
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/37151970/
Redirect Chain

https://mc.yandex.ru/watch/37151970?wmode=5&callback=_ymjsp852087296&page-url=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&browser-info=s%3A1600x1200x24%3Ask%3A1%3Af%3A24.0.0%3Afpr%3A383088170701%3Acn%3...
https://mc.yandex.ru/watch/37151970/1?wmode=5&callback=_ymjsp852087296&page-url=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&browser-info=s%3A1600x1200x24%3Ask%3A1%3Af%3A24.0.0%3Afpr%3A383088170701%3Acn...

112 B
112 B

84ms
41ms

Script
application/javascript

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/37151970/1?wmode=5&callback=_ymjsp852087296&page-url=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&browser-info=s%3A1600x1200x24%3Ask%3A1%3Af%3A24.0.0%3Afpr%3A383088170701%3Acn%3A1%3Aw%3A1598x1132%3Ai%3A20170208203730%3Aet%3A1486586251%3Aen%3Autf-8%3Av%3A774%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A338073263%3Ahid%3A541664244%3Ads%3A47%2C5%2C162%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Afp%3A290%3Awn%3A6880%3Ahl%3A2%3Ast%3A1486586251%3Au%3A1486586251651766845%3At%3APaypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%20file%20sharing

Requested by

Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX , RU),

Reverse DNS

Software

nginx/1.8.1 /

Resource Hash

cde28ccc6643e8fb0e5f2d25b0403e0b3053fa75c59ced8321af678e565ebacc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.8
Accept: */*
Referer: http://ad-file.com/855ThtlHw/
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: mc.yandex.ru
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Cookie: yandexuid=7808059401486586250; yp=1801946250.yrts.1486586250; yabs-sid=1523834331486586250
Connection: keep-alive
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Pragma: no-cache
Last-Modified: Wed, 08 Feb 2017 20:37:30 GMT
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 112
Date: Wed, 08 Feb 2017 20:37:30 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.8.1
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Expires: Wed, 08 Feb 2017 20:37:30 GMT

Redirect headers

Pragma: no-cache
Last-Modified: Wed, 08 Feb 2017 20:37:30 GMT
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Location: https://mc.yandex.ru/watch/37151970/1?wmode=5&callback=_ymjsp852087296&page-url=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&browser-info=s%3A1600x1200x24%3Ask%3A1%3Af%3A24.0.0%3Afpr%3A383088170701%3Acn%3A1%3Aw%3A1598x1132%3Ai%3A20170208203730%3Aet%3A1486586251%3Aen%3Autf-8%3Av%3A774%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A338073263%3Ahid%3A541664244%3Ads%3A47%2C5%2C162%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Afp%3A290%3Awn%3A6880%3Ahl%3A2%3Ast%3A1486586251%3Au%3A1486586251651766845%3At%3APaypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%20file%20sharing
Set-Cookie: yandexuid=7808059401486586250; domain=.yandex.ru; path=/; expires=Sat, 06-Feb-2027 20:37:30 GMT yp=1801946250.yrts.1486586250; domain=.yandex.ru; path=/; expires=Sat, 06-Feb-2027 20:37:30 GMT yabs-sid=1523834331486586250; path=/
Date: Wed, 08 Feb 2017 20:37:30 GMT
Server: nginx/1.8.1
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Length: 0
Expires: Wed, 08 Feb 2017 20:37:30 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
43 B 84ms
42ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX , RU),

Reverse DNS

Software

nginx/1.8.1 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Host: mc.yandex.ru
Accept-Language: en-US,en;q=0.8
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 08 Feb 2017 20:37:30 GMT
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Server: nginx/1.8.1
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Expires: Wed, 02 Jan 2047 20:37:30 GMT

GET display.php
www.pureadexchange.com/a/ Frame 1121 0
0

GET
H/1.1 200
OK invoke.js Show response
www.bnhtml.com/ 3 KB
3 KB 146ms
110ms Script
application/javascript 192.229.133.177
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bnhtml.com/invoke.js
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 192.229.133.177 Santa Monica, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: nginx/1.11.5 /
Resource Hash: 551d3aaef3532905c99577da988f32ed4958fbfc47d1f4ef202800bfb5b6143e

Request headers

Pragma: no-cache
Host: www.bnhtml.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Cache-Control: no-cache
Accept-Encoding: gzip, deflate, sdch
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: http://ad-file.com/855ThtlHw/
Connection: keep-alive
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Length: 3250
Expires: Wed, 08 Feb 2017 20:35:42 GMT
Pragma: no-cache
Last-Modified: Fri, 03 Feb 2017 07:21:02 GMT
Server: nginx/1.11.5
Etag: "58942f5e-cb2"
Content-Type: application/javascript
Date: Wed, 08 Feb 2017 20:35:42 GMT
Cache-Control: max-age=0 no-cache no-store must-revalidate
Accept-Ranges: bytes

GET watch.1249478743422
www.urldelivery.com/ Frame 1121 0
0

GET
H/1.1 200
OK file-extensions-f58f6a19a204b2f64c32d1fba5961aca.woff
ad-file.com/assets/ 46 KB
46 KB 18ms
18ms Font
application/octet-stream 2400:cb00:2048:1::681b:a8e5
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://ad-file.com/assets/file-extensions-f58f6a19a204b2f64c32d1fba5961aca.woff
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681b:a8e5 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 6014f70763e04959ceb462258880af71247fb479438a4c310433941c9c891c84

Request headers

Pragma: no-cache
Origin: http://ad-file.com
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Accept: */*
Referer: http://ad-file.com/assets/application-8ba5fba9b52782d68b5a08d6eacdc2b2.css
Host: ad-file.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Cookie: __cfduid=d35fbdb34e5bd6bb436f8e0b9b502d4d11486586250; _rghost_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTE3ODE1ZDBlMjdjMTQ2ZmRiODY3MDQ1NGU0MDI3N2VjBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTNnK3RIMXArbWp0QWdmR2EyODZYZjFNbml2VVlZSDRzRUF1QmkxZmxVc2c9BjsARg%3D%3D--9d60bf780136d65f5ed691eb797e73746b366ccd; _ga=GA1.2.1974289228.1486586250; _gat=1; _ym_uid=1486586251651766845; _ym_isad=2; _ym_visorc_37151970=w
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/assets/application-8ba5fba9b52782d68b5a08d6eacdc2b2.css
Origin: http://ad-file.com

Response headers

Content-Type: application/octet-stream
Accept-Ranges: bytes
CF-RAY: 32e1e143c5876433-FRA
Content-Length: 46984
Expires: Sat, 06 Feb 2027 20:37:30 GMT
Date: Wed, 08 Feb 2017 20:37:30 GMT
Last-Modified: Thu, 17 Nov 2016 13:01:26 GMT
ETag: "582daa26-b788"
Cache-Control: public, max-age=315360000
Connection: keep-alive
CF-Cache-Status: HIT
Server: cloudflare-nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK fontawesome-webfont-354af4db1daa6e8f246f954d577e6da4.woff2
ad-file.com/assets/ 70 KB
70 KB 7ms
6ms Font
application/octet-stream 2400:cb00:2048:1::681b:a8e5
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://ad-file.com/assets/fontawesome-webfont-354af4db1daa6e8f246f954d577e6da4.woff2?v=4.6.3
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681b:a8e5 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin: http://ad-file.com
Host: ad-file.com
Accept: */*
Cookie: __cfduid=d35fbdb34e5bd6bb436f8e0b9b502d4d11486586250; _rghost_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTE3ODE1ZDBlMjdjMTQ2ZmRiODY3MDQ1NGU0MDI3N2VjBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTNnK3RIMXArbWp0QWdmR2EyODZYZjFNbml2VVlZSDRzRUF1QmkxZmxVc2c9BjsARg%3D%3D--9d60bf780136d65f5ed691eb797e73746b366ccd; _ga=GA1.2.1974289228.1486586250; _gat=1; _ym_uid=1486586251651766845; _ym_isad=2; _ym_visorc_37151970=w
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/assets/application-8ba5fba9b52782d68b5a08d6eacdc2b2.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/assets/application-8ba5fba9b52782d68b5a08d6eacdc2b2.css
Origin: http://ad-file.com

Response headers

Date: Wed, 08 Feb 2017 20:37:30 GMT
Vary: Accept-Encoding
Content-Type: application/octet-stream
Content-Length: 71896
CF-Cache-Status: HIT
Last-Modified: Wed, 27 Jul 2016 22:51:44 GMT
Server: cloudflare-nginx
ETag: "57993b00-118d8"
Cache-Control: public, max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 32e1e143c7aa63eb-FRA
Expires: Sat, 06 Feb 2027 20:37:30 GMT

GET watch.1021162411605
www.urldelivery.com/ Frame 1121 0
0

GET
H/1.1 200
OK toolkit-entypo-028707770e6bc271174c2ca4676c750c.woff2
ad-file.com/assets/ 35 KB
35 KB 7ms
7ms Font
application/octet-stream 2400:cb00:2048:1::681b:a8e5
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://ad-file.com/assets/toolkit-entypo-028707770e6bc271174c2ca4676c750c.woff2
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681b:a8e5 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: c3e1ea1a36ce932fcae0e674b67652835cee66e532ad4ab5bc64b049842a3a6b

Request headers

Accept-Encoding: gzip, deflate, sdch
Host: ad-file.com
Connection: keep-alive
Cache-Control: no-cache
Origin: http://ad-file.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://ad-file.com/assets/application-8ba5fba9b52782d68b5a08d6eacdc2b2.css
Cookie: __cfduid=d35fbdb34e5bd6bb436f8e0b9b502d4d11486586250; _rghost_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTE3ODE1ZDBlMjdjMTQ2ZmRiODY3MDQ1NGU0MDI3N2VjBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTNnK3RIMXArbWp0QWdmR2EyODZYZjFNbml2VVlZSDRzRUF1QmkxZmxVc2c9BjsARg%3D%3D--9d60bf780136d65f5ed691eb797e73746b366ccd; _ga=GA1.2.1974289228.1486586250; _gat=1; _ym_uid=1486586251651766845; _ym_isad=2; _ym_visorc_37151970=w
Pragma: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/assets/application-8ba5fba9b52782d68b5a08d6eacdc2b2.css
Origin: http://ad-file.com

Response headers

Vary: Accept-Encoding
Cache-Control: public, max-age=315360000
Connection: keep-alive
CF-RAY: 32e1e143e5986433-FRA
Content-Length: 35868
Date: Wed, 08 Feb 2017 20:37:30 GMT
Last-Modified: Thu, 17 Nov 2016 13:01:26 GMT
ETag: "582daa26-8c1c"
Accept-Ranges: bytes
Expires: Sat, 06 Feb 2027 20:37:30 GMT
CF-Cache-Status: HIT
Server: cloudflare-nginx
Content-Type: application/octet-stream

GET
H/1.1 200
OK only_ghost-eb3d18f6edb08e623c79e7cde246cd46.svg
ad-file.com/assets/ 4 KB
2 KB 9ms
8ms Image
image/svg+xml 2400:cb00:2048:1::681b:a8e5
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ad-file.com/assets/only_ghost-eb3d18f6edb08e623c79e7cde246cd46.svg
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681b:a8e5 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: f46b37fa1526294e10470548ff7ea6ba4014a97cd092864ac02f969d1f7dd230

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ad-file.com
Accept-Language: en-US,en;q=0.8
Referer: http://ad-file.com/assets/application-8ba5fba9b52782d68b5a08d6eacdc2b2.css
Cookie: __cfduid=d35fbdb34e5bd6bb436f8e0b9b502d4d11486586250; _rghost_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTE3ODE1ZDBlMjdjMTQ2ZmRiODY3MDQ1NGU0MDI3N2VjBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTNnK3RIMXArbWp0QWdmR2EyODZYZjFNbml2VVlZSDRzRUF1QmkxZmxVc2c9BjsARg%3D%3D--9d60bf780136d65f5ed691eb797e73746b366ccd; _ga=GA1.2.1974289228.1486586250; _gat=1; _ym_uid=1486586251651766845; _ym_isad=2; _ym_visorc_37151970=w
Referer: http://ad-file.com/assets/application-8ba5fba9b52782d68b5a08d6eacdc2b2.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Last-Modified: Thu, 17 Nov 2016 13:01:26 GMT
Server: cloudflare-nginx
ETag: W/"582daa26-1198"
Content-Type: image/svg+xml
Date: Wed, 08 Feb 2017 20:37:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 32e1e143f7d063eb-FRA
Expires: Sat, 06 Feb 2027 20:37:30 GMT
CF-Cache-Status: HIT
Transfer-Encoding: chunked
Cache-Control: public, max-age=315360000

POST
H/1.1 200
OK ust Show response
ad-file.com/api/ 1 B
32 B 51ms
50ms XHR
application/json 2400:cb00:2048:1::681b:a8e5
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

http://ad-file.com/api/ust

Requested by

Host: ad-file.com
URL: http://ad-file.com/assets/application-83cdd13b13d0e3dc9153db713f170947.js

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:a8e5 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Host: ad-file.com
Content-Length: 11
Pragma: no-cache
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Cookie: __cfduid=d35fbdb34e5bd6bb436f8e0b9b502d4d11486586250; _rghost_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTE3ODE1ZDBlMjdjMTQ2ZmRiODY3MDQ1NGU0MDI3N2VjBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTNnK3RIMXArbWp0QWdmR2EyODZYZjFNbml2VVlZSDRzRUF1QmkxZmxVc2c9BjsARg%3D%3D--9d60bf780136d65f5ed691eb797e73746b366ccd; _ga=GA1.2.1974289228.1486586250; _gat=1; _ym_uid=1486586251651766845; _ym_isad=2; _ym_visorc_37151970=w
Accept-Encoding: gzip, deflate
X-CSRF-Token: 3g+tH1p+mjtAgfGa286Xf1MnivUYYH4sEAuBi1flUsg=
Accept: */*
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://ad-file.com/855ThtlHw/
Origin: http://ad-file.com
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: http://ad-file.com/855ThtlHw/
Origin: http://ad-file.com
X-CSRF-Token: 3g+tH1p+mjtAgfGa286Xf1MnivUYYH4sEAuBi1flUsg=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

CF-RAY: 32e1e14455d96433-FRA
X-UA-Compatible: IE=Edge,chrome=1
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Content-Encoding: gzip
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Transfer-Encoding: chunked
Server: cloudflare-nginx
Date: Wed, 08 Feb 2017 20:37:30 GMT
X-XSS-Protection: 1; mode=block
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK reformal.js Show response
media.reformal.ru/widgets/v3/ 15 KB
5 KB 12ms
6ms Script
application/x-javascript 139.162.151.130
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://media.reformal.ru/widgets/v3/reformal.js
Requested by: Host: ad-file.com
URL: http://ad-file.com/assets/application-83cdd13b13d0e3dc9153db713f170947.js
Protocol: HTTP/1.1
Server: 139.162.151.130 Frankfurt, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: reformal.ru
Software: nginx/1.10.1 /
Resource Hash: 1a7323caffa56f81335acbce8066c1154d23666a2fb3fc7049c22a41c8e12f00

Request headers

Pragma: no-cache
Referer: http://ad-file.com/855ThtlHw/
Connection: keep-alive
Accept: */*
Cache-Control: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: media.reformal.ru
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Encoding: gzip
Last-Modified: Wed, 27 Apr 2016 09:51:47 GMT
Server: nginx/1.10.1
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=315360000
Date: Wed, 08 Feb 2017 20:37:30 GMT
ETag: W/"57208bb3-3b0d"
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK lb202924_1.js Show response
c.luxup.ru/t/ 53 KB
22 KB 87ms
43ms Script
application/x-javascript 109.248.237.35
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.luxup.ru/t/lb202924_1.js?rt=62509450063
Requested by: Host: ad-file.com
URL: http://ad-file.com/assets/banners_head_code-57ddb8ffdc140b63597deff9a381e13d.js
Protocol: HTTP/1.1
Server: 109.248.237.35 Cheboksary, Russian Federation, ASN201009 (SUPPORTIT-AS , RU),
Reverse DNS
Software: nginx /
Resource Hash: 3b65fb3b8dc2cd1c0b3baf83f54ff0787efa601d00c6303de23133b0d79f7437

Request headers

Pragma: no-cache
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Connection: keep-alive
Accept-Encoding: gzip, deflate, sdch
Host: c.luxup.ru
Accept: */*
Referer: http://ad-file.com/855ThtlHw/
Cache-Control: no-cache
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2017 16:54:48 GMT
Server: nginx
ETag: W/"5899fbd8-d3ac"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: keep-alive
Date: Wed, 08 Feb 2017 20:37:31 GMT

GET
H/1.1 200
OK 37151970
mc.yandex.ru/clmap/ 43 B
43 B 42ms
42ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/clmap/37151970?page-url=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&pointer-click=rn%3A804361241%3Ax%3A0%3Ay%3A0%3At%3A4%3Ap%3A%3FAA1AA1AA1A6A1&browser-info=st%3A1486586251%3Au%3A1486586251651766845

Requested by

Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX , RU),

Reverse DNS

Software

nginx/1.8.1 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Cookie: yandexuid=7808059401486586250; yp=1801946250.yrts.1486586250; yabs-sid=1523834331486586250
Connection: keep-alive
Accept-Encoding: gzip, deflate, sdch, br
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
Cache-Control: no-cache
Pragma: no-cache
Accept-Language: en-US,en;q=0.8
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Expires: Wed, 08 Feb 2017 20:37:30 GMT
Pragma: no-cache
Last-Modified: Wed, 08 Feb 2017 20:37:30 GMT
Server: nginx/1.8.1
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Content-Length: 43
Date: Wed, 08 Feb 2017 20:37:30 GMT
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Type: image/gif

GET
H/1.1 200 / Show response
luxup2.ru/multishows/602202/ 240 B
199 B 86ms
43ms Script
application/x-javascript 109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://luxup2.ru/multishows/602202/?rt=625143530&flash=24.0.0&f=__lxG202924__625108206&scr=1600x1200&wnd=1598x1132
Requested by: Host: c.luxup.ru
URL: http://c.luxup.ru/t/lb202924_1.js?rt=62509450063
Protocol: HTTP/1.1
Server: 109.248.237.36 Cheboksary, Russian Federation, ASN201009 (SUPPORTIT-AS , RU),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: c055b15251d2b8848c8b38ff1ec1f209e8cba013aaad5bb99da96fca48e395a8

Request headers

Referer: http://ad-file.com/855ThtlHw/
Cache-Control: no-cache
Accept: */*
Connection: keep-alive
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: luxup2.ru
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Type: application/x-javascript; charset=utf-8
Date: Wed, 08 Feb 2017 20:37:32 GMT
Content-Encoding: gzip
Server: nginx/1.8.0
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1 200 Cookie set / Show response
stat.adlabs.ru/md/ 213 B
188 B 86ms
43ms Script
text/javascript 109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://stat.adlabs.ru/md/?lxname=__lxG202924__625108206&lx_alg=172&lx_params=rt%3d625143530%26flash%3d24.0.0%26f%3d__lxG202924__625108206%26scr%3d1600x1200%26wnd%3d1598x1132&lx_ids=602202&&f=__lxG202924__625108206
Requested by: Host: c.luxup.ru
URL: http://c.luxup.ru/t/lb202924_1.js?rt=62509450063
Protocol: HTTP/1.1
Server: 109.248.237.36 Cheboksary, Russian Federation, ASN201009 (SUPPORTIT-AS , RU),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: 643fbbce2672a6e701c4f32fc1b28a5ccf44397c5b270f29a3138c15b92943e6

Request headers

Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
Connection: keep-alive
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: stat.adlabs.ru
Accept: */*
Cache-Control: no-cache
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

P3P: policyref="adlabs.ru/w3c/p3p.xml",CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: keep-alive
Set-Cookie: __XID=6384840964723123169; Domain=.adlabs.ru; expires=Mon, 07-Feb-2022 20:43:51 GMT; Path=/
Date: Wed, 08 Feb 2017 20:37:32 GMT
Content-Encoding: gzip
Server: nginx/1.8.0

GET
H/1.1 200 Cookie set rt=625161120&flash=24.0.0&f=__lxG202924__625108206&scr=1600x1200&wnd=1598x1132&md=6384840964723123169 Show response
luxup2.ru/multishows/602202/ 979 B
485 B 131ms
130ms Script
text/javascript 109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://luxup2.ru/multishows/602202/rt=625161120&flash=24.0.0&f=__lxG202924__625108206&scr=1600x1200&wnd=1598x1132&md=6384840964723123169
Requested by: Host: c.luxup.ru
URL: http://c.luxup.ru/t/lb202924_1.js?rt=62509450063
Protocol: HTTP/1.1
Server: 109.248.237.36 Cheboksary, Russian Federation, ASN201009 (SUPPORTIT-AS , RU),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: 47590e1a2463cd49743112921850358412b7b9620110605cbd0f6ddb41595757

Request headers

Host: luxup2.ru
Accept-Language: en-US,en;q=0.8
Accept: */*
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Set-Cookie: __XID=6384840964723123169; Domain=.luxup2.ru; expires=Sat, 11-Mar-2017 20:37:32 GMT; Path=/ __LXPSID1=6384840964723123169; Domain=.luxup2.ru; expires=Sat, 11-Mar-2017 20:37:32 GMT; Path=/ _LXVF=; Domain=.luxup2.ru; expires=Sun, 09-Apr-2017 20:37:32 GMT; Path=/ _LXVCF=; Domain=.luxup2.ru; expires=Sun, 09-Apr-2017 20:37:32 GMT; Path=/ _LXDVF=3722926_4264966804,3963911_4294967295,; Domain=.luxup2.ru; expires=Sun, 09-Apr-2017 20:37:32 GMT; Path=/ __LXUNBOOM=; Domain=.luxup2.ru; expires=Sun, 09-Apr-2017 20:37:32 GMT; Path=/ __LXUN=; Domain=.luxup2.ru; expires=Sun, 09-Apr-2017 20:37:32 GMT; Path=/
Date: Wed, 08 Feb 2017 20:37:32 GMT
Content-Encoding: gzip
Server: nginx/1.8.0
P3P: policyref="luxup2.ru/w3c/p3p.xml",CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" policyref="luxup2.ru/w3c/p3p.xml",CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

GET
H/1.1

200
Ok

/
gmp.luxcdn.com/tr/
Redirect Chain

http://cm.g.doubleclick.net/pixel?google_nid=albs&google_cm=&psid=6384840964723123169&google_hm=NjM4NDg0MDk2NDcyMzEyMzE2OQ&_lxrnd_=625174429&google_tc=
http://gmp.luxcdn.com/tr/?psid=6384840964723123169&_lxrnd_=625174429&google_gid=CAESEEY479NikfhUq16Ikh-RU20&google_cver=1

43 B
43 B

90ms
47ms

Image
image/gif

109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gmp.luxcdn.com/tr/?psid=6384840964723123169&_lxrnd_=625174429&google_gid=CAESEEY479NikfhUq16Ikh-RU20&google_cver=1
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 109.248.237.36 Cheboksary, Russian Federation, ASN201009 (SUPPORTIT-AS , RU),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-US,en;q=0.8
Accept: image/webp,image/*,*/*;q=0.8
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: gmp.luxcdn.com
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Wed, 08 Feb 2017 20:37:32 GMT
Server: nginx/1.8.0
Connection: keep-alive

Redirect headers

X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: HTTP server (unknown)
Content-Type: text/html; charset=UTF-8
Content-Length: 330
Set-Cookie: id=22010e4b232f00e2||t=1486586251|et=730|cs=002213fd4879f33a81ce01605e; expires=Fri, 08-Feb-2019 20:37:31 GMT; path=/; domain=.doubleclick.net test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUl5azCAp8SkQ2rppReYB89UAJkjyw_BTyQX-2tqTqaxDR4mlk4VEA; expires=Fri, 08-Feb-2019 20:37:31 GMT; path=/; domain=.doubleclick.net; HttpOnly
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Wed, 08 Feb 2017 20:37:31 GMT
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://gmp.luxcdn.com/tr/?psid=6384840964723123169&_lxrnd_=625174429&google_gid=CAESEEY479NikfhUq16Ikh-RU20&google_cver=1
Cache-Control: no-cache, must-revalidate

GET
H/1.1

200

/
stat.adlabs.ru/merge_gpsid/
Redirect Chain

http://track.recreativ.ru/mtch.php?nid=6&psid=6384840964723123169&_lxrnd_=625174414
http://stat.adlabs.ru/merge_gpsid/?sid=8&id=22115721608

43 B
68 B

43ms
43ms

Image
image/gif

109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stat.adlabs.ru/merge_gpsid/?sid=8&id=22115721608
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 109.248.237.36 Cheboksary, Russian Federation, ASN201009 (SUPPORTIT-AS , RU),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ad-file.com/855ThtlHw/
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Host: stat.adlabs.ru
Cookie: __XID=6384840964723123169
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 08 Feb 2017 20:37:32 GMT
Content-Encoding: gzip
Server: nginx/1.8.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Server: nginx
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
location: http://stat.adlabs.ru/merge_gpsid/?sid=8&id=22115721608
Connection: close
Set-Cookie: rccid0=eJwFwUENACAMA0ArCICk7QJdpgcJPCeeOzYNIVsit8WDnPe1QC9oIYdU4Qp%2B344Jww%3D%3D; expires=Tue, 09-Feb-2027 08:37:31 GMT; Max-Age=315576000; path=/; domain=.recreativ.ru rccid0=eJw1yLENgDAMBMBVGCCR%2Ft%2FGdjIPI6T08NAgXXVsJoRqibxTDNSIP8PKy7HCU8ZPrPGcFpgTmqhL2pbb%2BAJdAhA1; expires=Tue, 09-Feb-2027 08:37:31 GMT; Max-Age=315576000; path=/; domain=.recreativ.ru
Date: Wed, 08 Feb 2017 20:37:31 GMT

GET
H/1.1

200

/
stat.adlabs.ru/merge_gpsid/
Redirect Chain

http://dumedia.ad.admitad.com/uid/sync/admitad?uid=s16d9esb7kwaosso&url=http%3A%2F%2Fstat.adlabs.ru%2Fmerge_gpsid%2F%3Fsid%3D10%26id%3Ds16d9esb7kwaosso
http://stat.adlabs.ru/merge_gpsid/?sid=10&id=s16d9esb7kwaosso

43 B
68 B

71ms
45ms

Image
image/gif

109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stat.adlabs.ru/merge_gpsid/?sid=10&id=s16d9esb7kwaosso
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 109.248.237.37 Cheboksary, Russian Federation, ASN201009 (SUPPORTIT-AS , RU),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: stat.adlabs.ru
Accept: image/webp,image/*,*/*;q=0.8
Cookie: __XID=6384840964723123169
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Server: nginx/1.8.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif
Date: Wed, 08 Feb 2017 20:37:32 GMT
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 Feb 2017 20:37:31 GMT
Server: nginx
Location: http://stat.adlabs.ru/merge_gpsid/?sid=10&id=s16d9esb7kwaosso
Connection: keep-alive
X-Queue-Time: 1.1579990386963
X-Time: 2.8989315032959
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache
X-Total-Time: 4.0569305419922

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ 42 B
53 B 367ms
58ms Image
image/gif 195.209.111.4
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=28&external_id=6384840964723123169&_lxrnd_=625174430
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 195.209.111.4 , Russian Federation, ASN52007 (ADRIVER-AS , RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Host: ssp.adriver.ru
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
Accept-Encoding: gzip, deflate, sdch
Accept: image/webp,image/*,*/*;q=0.8
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/

Response headers

Date: Wed, 08 Feb 2017 20:37:32 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1

200
OK

pix.png
madnetex.com/pixel/
Redirect Chain

http://sync.madnet.ru/image?source=adlabs&return_url=http%3A%2F%2Fstat.adlabs.ru%2Fmerge_gpsid%2F%3Fsid%3D14%26id%3D%7BUID%7D&id=6384840964723123169&_lxrnd_=625174442
http://madnetex.com/pixel/pix.png

159 B
159 B

28ms
13ms

Image
image/png

78.140.184.98
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://madnetex.com/pixel/pix.png
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 78.140.184.98 , Netherlands, ASN35415 (WEBZILLA , NL),
Reverse DNS
Software: nginx /
Resource Hash: 2f7e5daac960cb12ae2ed407960c5f28c195baf7f076b4f56bd838917158f2d0

Request headers

Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ad-file.com/855ThtlHw/
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: madnetex.com
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159
Date: Wed, 08 Feb 2017 20:37:31 GMT
Last-Modified: Fri, 20 Jan 2017 13:00:04 GMT
Server: nginx
ETag: "588209d4-9f"
Content-Type: image/png

Redirect headers

Content-Length: 180
Content-Type: text/html
Location: http://madnetex.com/pixel/pix.png
Date: Wed, 08 Feb 2017 20:37:31 GMT
Server: nginx
Connection: keep-alive

GET
H/1.1

200

/
stat.adlabs.ru/merge_gpsid/
Redirect Chain

http://s.uuidksinc.net/match/33/6384840964723123169&_lxrnd_=625174479
http://stat.adlabs.ru/merge_gpsid/?sid=21&id=y0yDggrqkp84qyXQNmVf

43 B
68 B

72ms
44ms

Image
image/gif

109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stat.adlabs.ru/merge_gpsid/?sid=21&id=y0yDggrqkp84qyXQNmVf
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 109.248.237.36 Cheboksary, Russian Federation, ASN201009 (SUPPORTIT-AS , RU),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Host: stat.adlabs.ru
Accept-Language: en-US,en;q=0.8
Accept: image/webp,image/*,*/*;q=0.8
Cookie: __XID=6384840964723123169
Accept-Encoding: gzip, deflate, sdch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/

Response headers

Content-Encoding: gzip
Server: nginx/1.8.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif
Date: Wed, 08 Feb 2017 20:37:32 GMT

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 08 Feb 2017 20:38:08 GMT
Access-control-allow-origin: *
Access-control-allow-methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Location: http://stat.adlabs.ru/merge_gpsid/?sid=21&id=y0yDggrqkp84qyXQNmVf
Server: nginx/1.10.1
Set-Cookie: jcsuidupd=y0yDggrqkp84qyXQNmVf;expires=Sat, 03 Feb 2018 23:37:32 GMT jcsuuid=y0yDggrqkp84qyXQNmVf;expires=Sat, 03 Feb 2018 23:37:32 GMT
Access-control-allow-headers: X-Requested-With Content-Type

GET 6384840964723123169&_lxrnd_=625174474
contextlab.ru/pixel/ 0
0

GET
H/1.1

200

/
stat.adlabs.ru/merge_gpsid/
Redirect Chain

http://recreativ.ru/mtch/19/6384840964723123169&_lxrnd_=625174480
http://stat.adlabs.ru/merge_gpsid/?sid=29&id=22115721609

43 B
68 B

86ms
44ms

Image
image/gif

109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stat.adlabs.ru/merge_gpsid/?sid=29&id=22115721609
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 109.248.237.36 Cheboksary, Russian Federation, ASN201009 (SUPPORTIT-AS , RU),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: stat.adlabs.ru
Accept: image/webp,image/*,*/*;q=0.8
Connection: keep-alive
Cache-Control: no-cache
Cookie: __XID=6384840964723123169
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 08 Feb 2017 20:37:32 GMT
Content-Encoding: gzip
Server: nginx/1.8.0
Connection: keep-alive
Transfer-Encoding: chunked

Redirect headers

Date: Wed, 08 Feb 2017 20:37:31 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
location: http://stat.adlabs.ru/merge_gpsid/?sid=29&id=22115721609
Connection: close
Set-Cookie: rccid0=eJwFwcENACAIA8BVHECStkRB5nEEnwzvHZsBIVsiV4gbZ97XAsMgQw6pPMr5Ad%2BmCcQ%3D; expires=Tue, 09-Feb-2027 08:37:31 GMT; Max-Age=315576000; path=/; domain=.recreativ.ru rccid0=eJw1yLkNwDAMA8BVMoANkJSix%2FNkBJcePmkCXHU8TAh1JPJOMdCD%2FW9YeTk6PGX8RI9nH4E5oYm6pGW5jC9sgBBq; expires=Tue, 09-Feb-2027 08:37:31 GMT; Max-Age=315576000; path=/; domain=.recreativ.ru

GET
H/1.1

200

/
stat.adlabs.ru/merge_gpsid/
Redirect Chain

http://adlabs-sync.rutarget.ru/sync?lx_psid=6384840964723123169&_lxrnd_=625174447
http://stat.adlabs.ru/merge_gpsid/?sid=35&id=m6P7aRoepfiB

43 B
68 B

63ms
43ms

Image
image/gif

109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stat.adlabs.ru/merge_gpsid/?sid=35&id=m6P7aRoepfiB
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 109.248.237.36 Cheboksary, Russian Federation, ASN201009 (SUPPORTIT-AS , RU),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-US,en;q=0.8
Referer: http://ad-file.com/855ThtlHw/
Cookie: __XID=6384840964723123169
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Connection: keep-alive
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 08 Feb 2017 20:37:32 GMT
Content-Encoding: gzip
Server: nginx/1.8.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Location: http://stat.adlabs.ru/merge_gpsid/?sid=35&id=m6P7aRoepfiB
Date: Wed, 08 Feb 2017 20:37:31 GMT
Connection: close
Server: nginx/1.8.1
Set-Cookie: userId=m6P7aRoepfiB; Path=/; Domain=.rutarget.ru; Expires=Mon, 07 Aug 2017 20:37:31 GMT

GET
H/1.1

200

/
stat.adlabs.ru/merge_gpsid/
Redirect Chain

http://sync-eu.exe.bid/image?source=adlabs&return_url=%2F%2Fstat.adlabs.ru%2Fmerge_gpsid%2F%3Fsid%3D38%26id%3D%7BUID%7D&id=6384840964723123169&_lxrnd_=625174435&session_tpt=eyJoZWFkZXJzIjp7InJlZmVy...
http://stat.adlabs.ru/merge_gpsid/?sid=38&id=51bb88dc-d175-4342-acb0-65cbe4e98867

43 B
68 B

86ms
44ms

Image
image/gif

109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stat.adlabs.ru/merge_gpsid/?sid=38&id=51bb88dc-d175-4342-acb0-65cbe4e98867
Requested by: Host: ad-file.com
URL: http://ad-file.com/855ThtlHw/
Protocol: HTTP/1.1
Server: 109.248.237.36 Cheboksary, Russian Federation, ASN201009 (SUPPORTIT-AS , RU),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept: image/webp,image/*,*/*;q=0.8
Cookie: __XID=6384840964723123169
Connection: keep-alive
Cache-Control: no-cache
Host: stat.adlabs.ru
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
Pragma: no-cache
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 08 Feb 2017 20:37:32 GMT
Content-Encoding: gzip
Server: nginx/1.8.0
Connection: keep-alive
Transfer-Encoding: chunked

Redirect headers

Server: nginx
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type: image/webp
Location: http://stat.adlabs.ru/merge_gpsid/?sid=38&id=51bb88dc-d175-4342-acb0-65cbe4e98867
Connection: keep-alive
Set-Cookie: user_id=51bb88dc-d175-4342-acb0-65cbe4e98867;Version=1;Domain=.exe.bid;Path=/;Max-Age=315360000
Content-Length: 0
Date: Wed, 08 Feb 2017 20:37:31 GMT

GET
H/1.1 200
OK Cookie set favicon.ico
ad-file.com/ 157 KB
157 KB 14ms
8ms Other
image/gif 2400:cb00:2048:1::681b:a8e5
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://ad-file.com/favicon.ico?v1
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681b:a8e5 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 0b8552235ed69437188ad2be249f8c43d5cf6265763f1df84c791e6d89aa0414

Request headers

Host: ad-file.com
Accept: image/webp,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://ad-file.com/855ThtlHw/
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Referer: http://ad-file.com/855ThtlHw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Server: cloudflare-nginx
Content-Type: image/gif
Set-Cookie: __cfduid=dbc297d572b7554db995039120292727a1486586253; expires=Thu, 08-Feb-18 20:37:33 GMT; path=/; domain=.ad-file.com; HttpOnly
Expires: Fri, 10 Mar 2017 20:37:33 GMT
Date: Wed, 08 Feb 2017 20:37:33 GMT
CF-RAY: 32e1e151a62e6433-FRA
Vary: Accept-Encoding
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Content-Length: 161113
CF-Cache-Status: HIT
Last-Modified: Thu, 17 Nov 2016 13:01:26 GMT
ETag: "582daa26-27559"
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.pureadexchange.com
URL: http://www.pureadexchange.com/a/display.php?r=1347547&treqn=876452791&runauction=1&crr=65cccd3e2dac19b0dea7HMHZ2kQL1kSF0RXeHMHZs4iIvRSLocCblAyBzR2BzRGAyRWM1UTK5de4672c9e79104d5f5b&rtid=589b818a977fd&cbrandom=0.575742240976064&cbtitle=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%20file%20sharing&cbiframe=0&cbWidth=1598&cbHeight=1132&cbdescription=Paypal%20Checker.php.%20download%20Paypal%20Checker.php.%20Fast%20and%20free%20download%20from%20rghost&cbkeywords=Paypal%20Checker.php%2C%20download%20Paypal%20Checker.php%2C%20Paypal%2C%20Checker%2C%20php%2C%20download%20Paypal%20Checker.php%2C%20rghost

Domain: www.urldelivery.com
URL: http://www.urldelivery.com/watch.1249478743422?key=629a22b0df2663b0b1e5ee37c1c2377e&kw=%5B%22paypal%22%2C%22checker%22%2C%22php%22%2C%22%E2%80%94%22%2C%22rghost%22%2C%22%E2%80%94%22%2C%22file%22%2C%22sharing%22%5D&refer=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&tz=0

Domain: www.urldelivery.com
URL: http://www.urldelivery.com/watch.1021162411605?key=629a22b0df2663b0b1e5ee37c1c2377e&kw=%5B%22paypal%22%2C%22checker%22%2C%22php%22%2C%22%E2%80%94%22%2C%22rghost%22%2C%22%E2%80%94%22%2C%22file%22%2C%22sharing%22%5D&refer=http%3A%2F%2Fad-file.com%2F855ThtlHw%2F&tz=0

Domain: contextlab.ru
URL: http://contextlab.ru/pixel/6384840964723123169&_lxrnd_=625174474

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-file.com
c.luxup.ru
contextlab.ru
counter.yadro.ru
gmp.luxcdn.com
igronas.ru
luxup2.ru
madnetex.com
mc.yandex.ru
media.reformal.ru
ssp.adriver.ru
stat.adlabs.ru
stats.g.doubleclick.net
www.bnhtml.com
www.google-analytics.com
www.pureadexchange.com
www.urldelivery.com
contextlab.ru
www.pureadexchange.com
www.urldelivery.com
104.197.19.30
109.248.237.35
109.248.237.36
109.248.237.37
139.162.151.130
192.229.133.177
195.209.111.4
209.239.120.72
2400:cb00:2048:1::681b:a8e5
2a00:1450:400e:805::200e
2a00:1450:4013:c05::9d
2a02:6b8::1:119
78.140.184.98
88.212.201.197
0b8552235ed69437188ad2be249f8c43d5cf6265763f1df84c791e6d89aa0414
103e46f3c13d4b2374d582b97c1e6adc449123d232ff0073693ebfc2fdf4c1b6
1548f97e741ee74aaf783e9511f5e8b27d2709f34bbd8b96343d4810be5a7d3b
1a7323caffa56f81335acbce8066c1154d23666a2fb3fc7049c22a41c8e12f00
22801a33062992783f79ed3668214ba9f2fea1d6894e70fccd072a1272ea1f12
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f7e5daac960cb12ae2ed407960c5f28c195baf7f076b4f56bd838917158f2d0
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3b65fb3b8dc2cd1c0b3baf83f54ff0787efa601d00c6303de23133b0d79f7437
3ce672632d9ccd249014dc1bb913f7fa26ad5758fe180671e5cfb90b0f8a55d3
47590e1a2463cd49743112921850358412b7b9620110605cbd0f6ddb41595757
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551d3aaef3532905c99577da988f32ed4958fbfc47d1f4ef202800bfb5b6143e
6014f70763e04959ceb462258880af71247fb479438a4c310433941c9c891c84
63ca3d79e98ca0b0755a9f9d5b2aaeb1261082541001742f19080315b452e888
643fbbce2672a6e701c4f32fc1b28a5ccf44397c5b270f29a3138c15b92943e6
73a005a418b50e82885402d05aabaa67f3726eaa306a268f3a2ad5c2417cc422
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a038a127d69614e36ff29738fd7607a4bed976995f15e6cb028e1b4fbe48a37e
abf32d4a74c945b6eaa866188df11d764d6e5818f83f3e7e549fc88c70e200e0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c055b15251d2b8848c8b38ff1ec1f209e8cba013aaad5bb99da96fca48e395a8
c3e1ea1a36ce932fcae0e674b67652835cee66e532ad4ab5bc64b049842a3a6b
cde28ccc6643e8fb0e5f2d25b0403e0b3053fa75c59ced8321af678e565ebacc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f408e6022ec846b7628aac4adb86ece828e4d7605fad9a33bbbae14bf2202595
f46b37fa1526294e10470548ff7ea6ba4014a97cd092864ac02f969d1f7dd230

ad-file.com Open in urlscan Pro 2400:cb00:2048:1::681b:a8e5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

43 Requests

19 %HTTPS

29 %IPv6

17 Domains

17 Subdomains

15 IPs

5 Countries

581 kBTransfer

1560 kBSize

0 Cookies

1 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ad-file.com Open in urlscan Pro
2400:cb00:2048:1::681b:a8e5 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

19 %
HTTPS

29 %
IPv6

17
Domains

17
Subdomains

15
IPs

5
Countries

581 kB
Transfer

1560 kB
Size

0
Cookies

43 HTTP transactions
0 data transactions