www.repetitor.ua Open in urlscan Pro
2606:4700:3037::6815:60b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.planeta.vika.repetitor.ua/External/redirect.aspx
Effective URL:
http://www.repetitor.ua/
Submission Tags: falconsandbox
Submission: On July 20 via api (July 20th 2021, 2:34:17 am UTC) from US

Summary HTTP 237 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 56 IPs in 13 countries across 59 domains to perform 237 HTTP transactions. The main IP is 2606:4700:3037::6815:60b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.repetitor.ua.

This is the only time www.repetitor.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.203.4.186 91.203.4.186	25229 (VOLIA-AS) (VOLIA-AS)
22	2606:4700:303... 2606:4700:3037::6815:60b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	91.203.4.181 91.203.4.181	25229 (VOLIA-AS) (VOLIA-AS)
2	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
1	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	212.1.66.239 212.1.66.239	6846 (UKRPACK) (UKRPACK)
1 2	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
2 4	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 2	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1 1	212.118.48.164 212.118.48.164	56806 (ASCOM4S) (ASCOM4S)
1	91.227.52.186 91.227.52.186	56806 (ASCOM4S) (ASCOM4S)
1	2606:4700:303... 2606:4700:3032::6815:5ad0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1 5	88.208.46.48 88.208.46.48	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
17	95.216.224.23 95.216.224.23	24940 (HETZNER-AS) (HETZNER-AS)
1 2	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5 8	148.251.159.22 148.251.159.22	24940 (HETZNER-AS) (HETZNER-AS)
3 6	195.201.57.28 195.201.57.28	24940 (HETZNER-AS) (HETZNER-AS)
3 3	138.201.36.215 138.201.36.215	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 2	89.184.66.167 89.184.66.167	28907 (MIROHOST ...) (MIROHOST Web hosting)
4	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2 9	146.0.227.107 146.0.227.107	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
3	207.154.204.189 207.154.204.189	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
12	136.243.149.224 136.243.149.224	24940 (HETZNER-AS) (HETZNER-AS)
1 3	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
13 13	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
11 11	195.209.108.37 195.209.108.37	52007 (ADRIVER-AS) (ADRIVER-AS)
1	54.194.21.127 54.194.21.127	16509 (AMAZON-02) (AMAZON-02)
1 2	194.247.175.26 194.247.175.26	196831 (BEMOBILE-AS) (BEMOBILE-AS)
3 3	52.29.176.117 52.29.176.117	16509 (AMAZON-02) (AMAZON-02)
2 2	54.171.74.241 54.171.74.241	16509 (AMAZON-02) (AMAZON-02)
8 11	195.54.48.26 195.54.48.26	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
6	95.216.240.254 95.216.240.254	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2606:4700:303... 2606:4700:3037::6815:42b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::6815:2875	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12 15	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
6 6	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
3	212.76.131.50 212.76.131.50	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
7	104.18.16.65 104.18.16.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.184.66.89 89.184.66.89	28907 (MIROHOST ...) (MIROHOST Web hosting)
1	212.1.66.234 212.1.66.234	6846 (UKRPACK) (UKRPACK)
2	194.247.175.38 194.247.175.38	196831 (BEMOBILE-AS) (BEMOBILE-AS)
1	104.19.134.80 104.19.134.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	93.184.221.133 93.184.221.133	15133 (EDGECAST) (EDGECAST)
3 9	34.117.231.160 34.117.231.160	15169 (GOOGLE) (GOOGLE)
3	195.54.48.25 195.54.48.25	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
3 6	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
24	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
6 6	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
6 6	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
6 6	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
6 12	199.187.193.166 199.187.193.166	47043 (SMARTADSE...) (SMARTADSERVER)
3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 6	35.201.80.102 35.201.80.102	15169 (GOOGLE) (GOOGLE)
6 6	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
3 6	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
3 3	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
3 3	91.216.195.18 91.216.195.18	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
3	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
6 18	51.38.250.94 51.38.250.94	16276 (OVH) (OVH)
3 6	54.205.106.87 54.205.106.87	14618 (AMAZON-AES) (AMAZON-AES)
3	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
3 6	52.95.123.167 52.95.123.167	16509 (AMAZON-02) (AMAZON-02)
3 3	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
237	56

1 91.203.4.186 (Kyiv, Ukraine) 1 redirects

ASN25229 (VOLIA-AS, UA)

www.planeta.vika.repetitor.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3037::6815:60b (United States)

ASN13335 (CLOUDFLARENET, US)

www.repetitor.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.203.4.181 (Kyiv, Ukraine)

ASN25229 (VOLIA-AS, UA)

repetitor-ua.advon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icode.advon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.41 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.zmctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.1.66.239 (Ukraine)

ASN6846 (UKRPACK, UA)

b.c8.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.239.68.97 (Ukraine) 1 redirects

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.212.201.198 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.18 (Moscow, Russian Federation) 1 redirects

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.118.48.164 (Russian Federation) 1 redirects

ASN56806 (ASCOM4S, RU)

www.megastock.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.227.52.186 (Moscow, Russian Federation)

ASN56806 (ASCOM4S, RU)

megastock.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:5ad0 (United States)

ASN13335 (CLOUDFLARENET, US)

advon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.208.46.48 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

farension.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 95.216.224.23 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.23.224.216.95.clients.your-server.de

am15.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 148.251.159.22 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.22.159.251.148.clients.your-server.de

t02.rbnt.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rbnt.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 195.201.57.28 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.36.215 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)

x.instreamatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.184.66.167 (Ukraine) 1 redirects

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)

ssp.c8.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 146.0.227.107 (Ascension Island) 2 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 207.154.204.189 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

static.weborama.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 136.243.149.224 (Germany)

ASN24940 (HETZNER-AS, DE)

pixel.vihub.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.vihub.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.65 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.66 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 195.209.108.37 (Russian Federation) 11 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.21.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-21-127.eu-west-1.compute.amazonaws.com

ismatlab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.247.175.26 (Ukraine) 1 redirects

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.176.117 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.74.241 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 195.54.48.26 (France) 8 redirects

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: aub-collect-lb-c03-02-vip.weborama.fr

wam.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wam-google.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.216.240.254 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.254.240.216.95.clients.your-server.de

b.am15.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:42b2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ad.advon.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:2875 (United States)

ASN13335 (CLOUDFLARENET, US)

infoworks.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 136.243.148.229 (Germany) 12 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 89.108.120.76 (Russian Federation) 6 redirects

ASN197695 (AS-REG, RU)

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.76.131.50 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
PTR: vs25.videonow.ru

sync.videonow.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.16.65 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.66.89 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)

match.c8.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.1.66.234 (Ukraine)

ASN6846 (UKRPACK, UA)

r.c8.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.247.175.38 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

source.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.134.80 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 93.184.221.133 (London, United Kingdom)

ASN15133 (EDGECAST, US)

cstatic.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.117.231.160 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 160.231.117.34.bc.googleusercontent.com

ds.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.54.48.25 (France)

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)

aimfar.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.198.69.109 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.87 (Amsterdam, Netherlands) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.14.49 (Frankfurt am Main, Germany) 6 redirects

ASN54113 (FASTLY, US)

rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::13 (France) 6 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.201 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 199.187.193.166 (Canada) 6 redirects

ASN47043 (SMARTADSERVER, CA)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.201.80.102 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)

dx.frontend.weborama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.131 (United States) 6 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.248.159 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.82.100.182 (Dublin, Ireland) 3 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.216.195.18 (France) 3 redirects

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)

wam-yahoo.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.192.166 (France)

ASN16276 (OVH, FR)

sync-uid.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 51.38.250.94 (France) 6 redirects

ASN16276 (OVH, FR)

p.crm4d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.205.106.87 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.95.123.167 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.50 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	weborama.fr 14 redirects wam.solution.weborama.fr cstatic.weborama.fr ds.frontend.weborama.fr aimfar.solution.weborama.fr wam-google.solution.weborama.fr idsync.frontend.weborama.fr wam-yahoo.solution.weborama.fr	32 KB
23	am15.net am15.net b.am15.net	186 KB
23	repetitor.ua 1 redirects www.planeta.vika.repetitor.ua www.repetitor.ua	150 KB
18	crm4d.com 6 redirects p.crm4d.com	11 KB
18	admixer.net 2 redirects cdn.admixer.net inv-nets.admixer.net	197 KB
15	1dmp.io 12 redirects sync.1dmp.io	9 KB
13	doubleclick.net 13 redirects cm.g.doubleclick.net	2 KB
12	smartadserver.com 6 redirects sync.smartadserver.com	2 KB
12	vihub.ru pixel.vihub.ru dmp.vihub.ru	33 KB
11	adriver.ru 11 redirects ad.adriver.ru	6 KB
9	adnxs.com 9 redirects secure.adnxs.com ib.adnxs.com	8 KB
8	rbnt.org 5 redirects t02.rbnt.org rbnt.org	4 KB
7	adskeeper.com jsc.adskeeper.com c.adskeeper.com servicer.adskeeper.com cm.adskeeper.com s-img.adskeeper.com	89 KB
6	amazon-adsystem.com 3 redirects aax-eu.amazon-adsystem.com	4 KB
6	audrte.com 3 redirects a.audrte.com	5 KB
6	tapad.com 3 redirects pixel.tapad.com	2 KB
6	adsrvr.org 6 redirects match.adsrvr.org	3 KB
6	weborama.com 3 redirects dx.frontend.weborama.com	1 KB
6	criteo.com 6 redirects gum.criteo.com	2 KB
6	everesttech.net 6 redirects rtd-tm.everesttech.net	2 KB
6	exelator.com 3 redirects loadus.exelator.com	5 KB
6	aidata.io 6 redirects x01.aidata.io	4 KB
6	yandex.com 2 redirects mc.yandex.com	2 KB
6	otm-r.com 3 redirects sync.dmp.otm-r.com	850 B
6	bigmir.net 1 redirects c.bigmir.net i.bigmir.net	2 KB
6	c8.net.ua 1 redirects b.c8.net.ua ssp.c8.net.ua match.c8.net.ua r.c8.net.ua	37 KB
5	farension.com 1 redirects farension.com	22 KB
4	yadro.ru 2 redirects counter.yadro.ru	2 KB
4	advon.net repetitor-ua.advon.net advon.net icode.advon.net	3 KB
3	adform.net c1.adform.net	1 KB
3	zemanta.com b1sync.zemanta.com	381 B
3	leadplace.fr sync-uid.leadplace.fr	1 KB
3	yahoo.com 3 redirects cms.analytics.yahoo.com	2 KB
3	rlcdn.com idsync.rlcdn.com	773 B
3	mathtag.com 3 redirects pixel.mathtag.com	2 KB
3	videonow.ru sync.videonow.ru	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	trafmag.com m.trafmag.com	1 KB
3	creativecdn.com 1 redirects prebid-eu.creativecdn.com creativecdn.com	855 B
3	weborama.io static.weborama.io	27 KB
3	mail.ru ad.mail.ru	2 KB
3	instreamatic.com 3 redirects x.instreamatic.com	1 KB
3	google-analytics.com www.google-analytics.com	17 KB
2	bemobile.ua source.mmi.bemobile.ua	24 KB
2	infoworks.ru infoworks.ru	2 KB
2	scoota.co 2 redirects r.scoota.co	1 KB
2	tns-ua.com 1 redirects pa.tns-ua.com	468 B
2	betweendigital.com 2 redirects ads.betweendigital.com	973 B
2	yandex.ru 1 redirects mc.yandex.ru	71 KB
2	uuidksinc.net 1 redirects s.uuidksinc.net uuidksinc.net	3 KB
2	megastock.ru 1 redirects www.megastock.ru megastock.ru	1 KB
2	rambler.ru 1 redirects counter.rambler.ru	1 KB
2	yastatic.net yastatic.net	39 KB
1	adskeeper.co.uk cdn.adskeeper.co.uk	2 KB
1	advon.info 1 redirects ad.advon.info	781 B
1	ismatlab.com ismatlab.com	149 B
1	googleapis.com ajax.googleapis.com	25 KB
1	zmctrack.net s.zmctrack.net	452 B
0	livestatisc.com Failed livestatisc.com Failed
237	59

	Domain	Requested by
24	idsync.frontend.weborama.fr	loadus.exelator.com
22	www.repetitor.ua	www.repetitor.ua
18	p.crm4d.com	6 redirects p.crm4d.com
17	am15.net	icode.advon.net am15.net infoworks.ru
15	sync.1dmp.io	12 redirects am15.net
13	cm.g.doubleclick.net	13 redirects
12	sync.smartadserver.com	6 redirects
11	ad.adriver.ru	11 redirects
9	ds.frontend.weborama.fr	3 redirects cstatic.weborama.fr
9	dmp.vihub.ru	pixel.vihub.ru am15.net
9	inv-nets.admixer.net	2 redirects cdn.admixer.net www.repetitor.ua
9	cdn.admixer.net	www.repetitor.ua cdn.admixer.net
8	wam.solution.weborama.fr	5 redirects am15.net
6	aax-eu.amazon-adsystem.com	3 redirects
6	a.audrte.com	3 redirects
6	pixel.tapad.com	3 redirects
6	match.adsrvr.org	6 redirects
6	dx.frontend.weborama.com	3 redirects
6	gum.criteo.com	6 redirects
6	rtd-tm.everesttech.net	6 redirects
6	secure.adnxs.com	6 redirects
6	loadus.exelator.com	3 redirects cstatic.weborama.fr
6	cstatic.weborama.fr	static.weborama.io cstatic.weborama.fr
6	x01.aidata.io	6 redirects
6	b.am15.net	am15.net
6	mc.yandex.com	2 redirects www.repetitor.ua mc.yandex.ru
6	sync.dmp.otm-r.com	3 redirects am15.net
5	rbnt.org	2 redirects am15.net
5	farension.com	1 redirects advon.net farension.com
4	i.bigmir.net	www.repetitor.ua
4	counter.yadro.ru	2 redirects www.repetitor.ua
3	ib.adnxs.com	3 redirects
3	c1.adform.net	cstatic.weborama.fr
3	b1sync.zemanta.com	cstatic.weborama.fr
3	sync-uid.leadplace.fr	cstatic.weborama.fr
3	wam-yahoo.solution.weborama.fr	3 redirects
3	cms.analytics.yahoo.com	3 redirects
3	idsync.rlcdn.com	cstatic.weborama.fr
3	pixel.mathtag.com	3 redirects
3	wam-google.solution.weborama.fr	3 redirects
3	aimfar.solution.weborama.fr	cstatic.weborama.fr
3	sync.videonow.ru	am15.net
3	x.bidswitch.net	3 redirects
3	m.trafmag.com	www.repetitor.ua
3	pixel.vihub.ru	am15.net
3	static.weborama.io	am15.net
3	ad.mail.ru	am15.net
3	x.instreamatic.com	3 redirects
3	t02.rbnt.org	3 redirects
3	www.google-analytics.com	www.repetitor.ua
2	s-img.adskeeper.com	am15.net
2	cm.adskeeper.com	jsc.adskeeper.com
2	source.mmi.bemobile.ua	r.c8.net.ua source.mmi.bemobile.ua
2	infoworks.ru	www.repetitor.ua ad.advon.info
2	r.scoota.co	2 redirects
2	pa.tns-ua.com	1 redirects www.repetitor.ua source.mmi.bemobile.ua
2	creativecdn.com	1 redirects www.repetitor.ua
2	ads.betweendigital.com	2 redirects
2	mc.yandex.ru	1 redirects yastatic.net
2	ssp.c8.net.ua	1 redirects www.repetitor.ua
2	icode.advon.net	repetitor-ua.advon.net
2	counter.rambler.ru	1 redirects www.repetitor.ua
2	c.bigmir.net	1 redirects www.repetitor.ua
2	b.c8.net.ua	www.repetitor.ua
2	yastatic.net	www.repetitor.ua
1	servicer.adskeeper.com	jsc.adskeeper.com
1	cdn.adskeeper.co.uk	am15.net
1	c.adskeeper.com	jsc.adskeeper.com
1	r.c8.net.ua	b.c8.net.ua
1	match.c8.net.ua	b.c8.net.ua
1	jsc.adskeeper.com	am15.net
1	ad.advon.info	1 redirects
1	uuidksinc.net	farension.com
1	ismatlab.com	www.repetitor.ua
1	prebid-eu.creativecdn.com	cdn.admixer.net
1	s.uuidksinc.net	1 redirects
1	advon.net	repetitor-ua.advon.net
1	megastock.ru	www.repetitor.ua
1	www.megastock.ru	1 redirects
1	ajax.googleapis.com	www.repetitor.ua
1	s.zmctrack.net	www.repetitor.ua
1	repetitor-ua.advon.net	www.repetitor.ua
1	www.planeta.vika.repetitor.ua	1 redirects
0	livestatisc.com Failed	am15.net
237	84

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
connect.ok.ru
connect.mail.ru
twitter.com
referat.repetitor.ua
anastasia_prodan.repetitor.ua
neuropsycholog_detskiy.repetitor.ua
tsdford.repetitor.ua
annanekrylova0405.repetitor.ua
dimas007.repetitor.ua
yaroslava_nazarenko.repetitor.ua
tebiti3638.repetitor.ua
ale_bio.repetitor.ua
www.bigmir.net
www.liveinternet.ru
top100.rambler.ru
passport.webmoney.ru

Subject Issuer	Validity	Valid
s.zmctrack.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-21` - `2022-04-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.c8.net.ua R3	`2021-06-13` - `2021-09-11`	3 months	crt.sh
*.rambler.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-20` - `2022-05-19`	a year	crt.sh
megastock.ru Sectigo RSA Domain Validation Secure Server CA	`2020-11-02` - `2021-11-11`	a year	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-08` - `2022-06-21`	a year	crt.sh
farension.com R3	`2021-06-03` - `2021-09-01`	3 months	crt.sh
rbnt.org R3	`2021-07-08` - `2021-10-06`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
counter.yadro.ru R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-10` - `2022-06-22`	a year	crt.sh
ismatlab.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-11` - `2022-05-11`	a year	crt.sh
juke.mmi.tns-ua.com R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
*.solution.weborama.fr Go Daddy Secure Certificate Authority - G2	`2020-01-11` - `2022-03-11`	2 years	crt.sh
sync.1dmp.io R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
*.vihub.ru Sectigo RSA Domain Validation Secure Server CA	`2020-02-05` - `2022-02-04`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.frontend.weborama.fr Go Daddy Secure Certificate Authority - G2	`2021-02-20` - `2022-03-24`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.frontend.weborama.com Go Daddy Secure Certificate Authority - G2	`2019-08-29` - `2021-10-27`	2 years	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2020-09-11` - `2021-09-12`	a year	crt.sh
crm4d.com R3	`2021-06-25` - `2021-09-23`	3 months	crt.sh
*.audrte.com Amazon	`2021-01-26` - `2022-02-24`	a year	crt.sh
*.zemanta.com DigiCert SHA2 Secure Server CA	`2020-08-23` - `2021-09-01`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh

This page contains 29 frames:

Primary Page: http://www.repetitor.ua/
Frame ID: DD33590719D07EAD2E3B7FE23DC15273
Requests: 82 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 5E9223A96B1897C5593EFDFFD6DB2AEF
Requests: 1 HTTP requests in this frame

Frame: http://icode.advon.net/728x90.htm
Frame ID: 0024620615CEE51D004DA8C543E9E01C
Requests: 3 HTTP requests in this frame

Frame: http://icode.advon.net/728x90.htm
Frame ID: 8EE3F87AE5F2233F6F09E875828CD594
Requests: 3 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/c.html
Frame ID: 6D5A38645C89CCE055DD915242CC7A3D
Requests: 1 HTTP requests in this frame

Frame: http://am15.net/x/uid.php?rand=1046832132&uid=TKlNpoQ
Frame ID: 2C4C2792C831523CE6930F3703FAA148
Requests: 1 HTTP requests in this frame

Frame: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=172818430
Frame ID: 3579CB6CEA40AA1CEFAA1D6BFEB11771
Requests: 13 HTTP requests in this frame

Frame: http://am15.net/x/uid.php?rand=1191294763&uid=vzk62rd
Frame ID: 16B0AE799BB62890FB02C4A4A304E7C0
Requests: 1 HTTP requests in this frame

Frame: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=520460621
Frame ID: 595BF375276E9F8498C7F72A4BFF1A36
Requests: 13 HTTP requests in this frame

Frame: https://farension.com/js/cs?uuid=09bf234b-16a2-46e5-8f6c-e972de7aa0ea&oid=2b5EIsTxCDXehfAEZ2oI
Frame ID: 06F98A2CD5EB50412A995FB67CB2B517
Requests: 1 HTTP requests in this frame

Frame: http://uuidksinc.net/matchx.html
Frame ID: 4402A92CA16018BDD3564C1202764305
Requests: 1 HTTP requests in this frame

Frame: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=02031df9-d032-4051-b8bc-5fee38aa20b4
Frame ID: 3CFC632809A2E9974D6D757ABDD33C4B
Requests: 3 HTTP requests in this frame

Frame: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=b6a56554-ddc8-4181-a7cd-eb8d7ee5e50d
Frame ID: CD40233FADC8EF35964E99D83E6FDC37
Requests: 3 HTTP requests in this frame

Frame: http://am15.net/bn2.php?sw=1600&sh=1200&k=b1w107000709b40f13b9bd2b00247594f304728a2107200533&s=0&dpr=1&f=6
Frame ID: E70BAA52F59A8D92E76D93F3F515E637
Requests: 3 HTTP requests in this frame

Frame: http://infoworks.ru/240x350.js
Frame ID: 288578B4E92441647B271F14758DE8B3
Requests: 1 HTTP requests in this frame

Frame: http://infoworks.ru/rab_google_250.htm
Frame ID: 6C82A56BBDD3C20C590858CCBBACD61E
Requests: 3 HTTP requests in this frame

Frame: http://am15.net/x/uid.php?rand=42930306&uid=0EZU6FE
Frame ID: 6AD34FFC79F661361C0F83333B1E60CE
Requests: 1 HTTP requests in this frame

Frame: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=513105121
Frame ID: CEFDE5464A77409F7775282C2C1EDD78
Requests: 13 HTTP requests in this frame

Frame: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=93cd9bcf-69b0-4029-84f5-f7bbfbc6470a
Frame ID: EB73459F088B92A191FBEFE40BE02D03
Requests: 10 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1626748433384316380344
Frame ID: 62245E00CC708CBCD1B002DEAFBDD54B
Requests: 1 HTTP requests in this frame

Frame: http://cstatic.weborama.fr/iframe/external_all.html
Frame ID: 52E14492195C58301EEB1117673A2A60
Requests: 25 HTTP requests in this frame

Frame: http://cstatic.weborama.fr/iframe/external_all.html
Frame ID: 233BBAB868B56CDB450B2A649C1E51F3
Requests: 25 HTTP requests in this frame

Frame: http://cstatic.weborama.fr/iframe/external_all.html
Frame ID: 913DE934184BC89EE57ADFC2BF0149AF
Requests: 25 HTTP requests in this frame

Frame: https://aimfar.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prx&g.r=8580314995633092863
Frame ID: 93E8D44C086C92FFDC70D6DB9722B1CF
Requests: 1 HTTP requests in this frame

Frame: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
Frame ID: 4BC7BB4C09CBFC3169B978702890D8D3
Requests: 2 HTTP requests in this frame

Frame: https://aimfar.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prx&g.r=9823039533234320190
Frame ID: 283FA1835F32363C72EFE14087C2FD88
Requests: 1 HTTP requests in this frame

Frame: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
Frame ID: 4247C424B266329B1602BBF646A5399C
Requests: 2 HTTP requests in this frame

Frame: https://aimfar.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prx&g.r=3114974822832776836
Frame ID: D52A5F249EC0336D12A0E41092E1D928
Requests: 1 HTTP requests in this frame

Frame: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
Frame ID: 1CF6D58E65ABF427A587819268D2E008
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.planeta.vika.repetitor.ua/External/redirect.aspx HTTP 302
http://www.repetitor.ua/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

237
Requests

57 %
HTTPS

16 %
IPv6

59
Domains

84
Subdomains

56
IPs

13
Countries

987 kB
Transfer

2089 kB
Size

0
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/share.php?url=http%3A%2F%2Fwww.repetitor.ua%2F&title=%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&utm_source=share2
Title: ВКонтакте

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?src=sp&u=http%3A%2F%2Fwww.repetitor.ua%2F&title=%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&utm_source=share2
Title: Facebook

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=http%3A%2F%2Fwww.repetitor.ua%2F&title=%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&utm_source=share2
Title: Одноклассники

Search URL Search Domain Scan URL

URL: https://connect.mail.ru/share?url=http%3A%2F%2Fwww.repetitor.ua%2F&title=%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&utm_source=share2
Title: Мой Мир

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&url=http%3A%2F%2Fwww.repetitor.ua%2F&utm_source=share2
Title: Twitter

Search URL Search Domain Scan URL

URL: http://referat.repetitor.ua/
Title: Рефераты

Search URL Search Domain Scan URL

URL: http://anastasia_prodan.repetitor.ua/
Title: Продан Анастасія

Search URL Search Domain Scan URL

URL: http://neuropsycholog_detskiy.repetitor.ua/
Title: Заболотняя Алёна

Search URL Search Domain Scan URL

URL: http://tsdford.repetitor.ua/
Title: Турчинська Світлана Давидівна

Search URL Search Domain Scan URL

URL: http://annanekrylova0405.repetitor.ua/
Title: Гончаренко Анна Алексеевна

Search URL Search Domain Scan URL

URL: http://dimas007.repetitor.ua/
Title: Дмитрий

Search URL Search Domain Scan URL

URL: http://yaroslava_nazarenko.repetitor.ua/
Title: Назаренко Ярослава Олеговна

Search URL Search Domain Scan URL

URL: http://tebiti3638.repetitor.ua/
Title: tebiti3638

Search URL Search Domain Scan URL

URL: http://ale_bio.repetitor.ua/
Title: Александра Владимировна Предлагаю помощь в подготовке к ВНО по биологии и химии,...

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://top100.rambler.ru/top100/

Search URL Search Domain Scan URL

URL: https://passport.webmoney.ru/asp/certview.asp?wmid=143385800816
Title: Проверить аттестат

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.planeta.vika.repetitor.ua/External/redirect.aspx HTTP 302
http://www.repetitor.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 6

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=535650005&utmhn=www.repetitor.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&utmhid=670198763&utmr=-&utmp=%2F&utmht=1626748429578&utmac=UA-24521833-1&utmcc=__utma%3D235781890.1255959449.1626748430.1626748430.1626748430.1%3B%2B__utmz%3D235781890.1626748430.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1389274234&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=535650005&utmhn=www.repetitor.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&utmhid=670198763&utmr=-&utmp=%2F&utmht=1626748429578&utmac=UA-24521833-1&utmcc=__utma%3D235781890.1255959449.1626748430.1626748430.1626748430.1%3B%2B__utmz%3D235781890.1626748430.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1389274234&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 16

http://counter.rambler.ru/top100.cnt?829511 HTTP 307
https://counter.rambler.ru/top100.cnt?829511

Request Chain 18

http://www.megastock.ru/doc/Logo/v_blue_on_white_ru.png HTTP 301
https://megastock.ru/doc/Logo/v_blue_on_white_ru.png

Request Chain 49

https://farension.com/js/cs?uuid=09bf234b-16a2-46e5-8f6c-e972de7aa0ea HTTP 302
https://s.uuidksinc.net/match/433/09bf234b-16a2-46e5-8f6c-e972de7aa0ea?cb_url=https%3A%2F%2Ffarension.com%2Fjs%2Fcs%3Fuuid%3D09bf234b-16a2-46e5-8f6c-e972de7aa0ea%26oid%3D%5BUID%5D HTTP 302
https://farension.com/js/cs?uuid=09bf234b-16a2-46e5-8f6c-e972de7aa0ea&oid=2b5EIsTxCDXehfAEZ2oI

Request Chain 50

http://t02.rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203 HTTP 301
https://rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203 HTTP 302
https://rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203&csc=1

Request Chain 51

http://sync.dmp.otm-r.com/match/aotm.js HTTP 301
https://sync.dmp.otm-r.com/match/aotm.js

Request Chain 52

http://x.instreamatic.com/v2/mark/787.gif HTTP 302
http://ad.mail.ru/cm.gif?p=66&id=be45edcd33e38011

Request Chain 53

http://ssp.c8.net.ua/getcode.php?key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1733&domain=&rnd=195371397&pid=9&format_id=13&sw=1600&sh=1200&ctype=&cbw=&w=240&h=400&c8_sa=0;0;5&container_id=c8net_code_f1733913&is=1&is_ssl=0&ref=&passback=&metric=&project_id=&location=http%3A//www.repetitor.ua/ HTTP 302
http://ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1733&domain=&rnd=195371397&pid=9&format_id=13&sw=1600&sh=1200&ctype=&cbw=&w=240&h=400&c8_sa=0;0;5&container_id=c8net_code_f1733913&is=1&is_ssl=0&ref=&passback=&metric=&project_id=&location=http%3A//www.repetitor.ua/

Request Chain 54

http://c.bigmir.net/?v122928&s124528&t6&c1&n476265&w0&y0&d24&r1600 HTTP 302
http://i.bigmir.net/cnt/06.gif

Request Chain 55

http://counter.yadro.ru/hit;education_stat?r;s1600*1200*24;uhttp%3A//www.repetitor.ua/;0.5243360762644351 HTTP 302
https://counter.yadro.ru/hit;education_stat?r;s1600*1200*24;uhttp%3A//www.repetitor.ua/;0.5243360762644351 HTTP 302
https://counter.yadro.ru/hit;education_stat?q;r;s1600*1200*24;uhttp%3A//www.repetitor.ua/;0.5243360762644351

Request Chain 66

http://t02.rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203 HTTP 301
https://rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203 HTTP 302
https://rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203&csc=1

Request Chain 67

http://sync.dmp.otm-r.com/match/aotm.js HTTP 301
https://sync.dmp.otm-r.com/match/aotm.js

Request Chain 68

http://x.instreamatic.com/v2/mark/787.gif HTTP 302
http://ad.mail.ru/cm.gif?p=66&id=07ea02599928dce7

Request Chain 73

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=349fc324-d100-52c9-a926-3c16c9d00a03

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc= HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEOKOM-TyR010P_L820ey-7U&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=530edb2619a143bb9a3d6b217bd7fa12

Request Chain 75

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NmZmMzkyZmJiOGRlNGE0NWFjOGFhMjBhN2NiMjZkMTc=&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NmZmMzkyZmJiOGRlNGE0NWFjOGFhMjBhN2NiMjZkMTc=&google_cm=&google_tc= HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESECi6LQnveEA_9xsf1ke7bAM&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=8cebd6c5faec4c7b9166c1f3a06b48a5

Request Chain 77

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-5669160290 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Ao3vbdEkdeu7GrxQ631R32A

Request Chain 80

https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=6ff392fbb8de4a45ac8aa20a7cb26d17 HTTP 302
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z2AE5D3AEADD4A66AC075EA776172543&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=6ff392fbb8de4a45ac8aa20a7cb26d17

Request Chain 81

https://x.bidswitch.net/sync?ssp=admixer&user_id=6ff392fbb8de4a45ac8aa20a7cb26d17&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=6ff392fbb8de4a45ac8aa20a7cb26d17&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a31b2efa-4465-436c-8e68-c37894249739&ssp=admixer HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=a09bd8e0-7fc0-42f0-bf23-f2dd5599e087&gdpr=&consent=&gdpr_pd=

Request Chain 85

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9339.xv0ClRCf4Lj9wntzyv3blt01HHQ24_b8VJ4yGLm_VY3gzPXPst5O3n1iYqKU1AuW.uvgN-4ugJ_orM5Hc2J9H9sO_K3M%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9339.fgroTG61zmKauHKOzMBf-_m5ubC9L4aq6uQtBxgKQzwLfOFYPqr_AmyKitbUf9O8PUmdZp8OHwio5s8TwB_BeQ%2C%2C.fwqDHTW1i8Jyyq_lw1s06aWdXL4%2C

Request Chain 90

http://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_bbgf8g69m4nv21t HTTP 301
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_bbgf8g69m4nv21t HTTP 302
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=792002&d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_bbgf8g69m4nv21t

Request Chain 91

http://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_khlsfv3u4ok7yi4 HTTP 301
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_khlsfv3u4ok7yi4 HTTP 302
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=863784&d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_khlsfv3u4ok7yi4

Request Chain 96

https://mc.yandex.com/watch/26812653?wmode=7&page-url=http%3A%2F%2Fwww.repetitor.ua%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A8030%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A556522861711%3Ahid%3A4223096%3Az%3A120%3Ai%3A20210720043350%3Aet%3A1626748430%3Ac%3A1%3Arn%3A52994990%3Au%3A16267484301052183163%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626748421661%3Ads%3A10%2C5%2C4426%2C90%2C3409%2C0%2C%2C519%2C34%2C%2C%2C%2C8372%3Adsn%3A9%2C6%2C4425%2C90%2C3408%2C0%2C%2C433%2C33%2C%2C%2C%2C8372%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1626748431%3At%3A%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B HTTP 302
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fwww.repetitor.ua%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A8030%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A556522861711%3Ahid%3A4223096%3Az%3A120%3Ai%3A20210720043350%3Aet%3A1626748430%3Ac%3A1%3Arn%3A52994990%3Au%3A16267484301052183163%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626748421661%3Ads%3A10%2C5%2C4426%2C90%2C3409%2C0%2C%2C519%2C34%2C%2C%2C%2C8372%3Adsn%3A9%2C6%2C4425%2C90%2C3408%2C0%2C%2C433%2C33%2C%2C%2C%2C8372%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1626748431%3At%3A%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B

Request Chain 108

http://ad.advon.info/240x350.js HTTP 301
http://infoworks.ru/240x350.js

Request Chain 115

http://t02.rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203 HTTP 301
https://rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203

Request Chain 116

http://sync.dmp.otm-r.com/match/aotm.js HTTP 301
https://sync.dmp.otm-r.com/match/aotm.js

Request Chain 117

http://x.instreamatic.com/v2/mark/787.gif HTTP 302
http://ad.mail.ru/cm.gif?p=66&id=49289a4e4503f6ba

Request Chain 122

http://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_rq6rtewf6v96p40 HTTP 301
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_rq6rtewf6v96p40

Request Chain 123

http://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=ffa09f72-6c7f-49f1-944e-d423cb6a05ce HTTP 301
https://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=ffa09f72-6c7f-49f1-944e-d423cb6a05ce HTTP 302
https://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=ffa09f72-6c7f-49f1-944e-d423cb6a05ce&cs=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm=&google_tc= HTTP 302
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEGUWksgd-EKP3KbmvtnCMnM&google_gid=CAESEGUWksgd-EKP3KbmvtnCMnM&google_cver=1 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEGUWksgd-EKP3KbmvtnCMnM&google_gid=CAESEGUWksgd-EKP3KbmvtnCMnM&google_cver=1&cs=1

Request Chain 124

http://x01.aidata.io/0.gif?pid=VIHUB&id=ffa09f72-6c7f-49f1-944e-d423cb6a05ce HTTP 302
http://x01.aidata.io/0.gif?pid=VIHUB&id=ffa09f72-6c7f-49f1-944e-d423cb6a05ce&bounce=1 HTTP 302
http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=

Request Chain 126

http://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=ffa09f72-6c7f-49f1-944e-d423cb6a05ce HTTP 301
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=ffa09f72-6c7f-49f1-944e-d423cb6a05ce HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=ffa09f72-6c7f-49f1-944e-d423cb6a05ce&tuid=-6378782629 HTTP 302
https://dmp.vihub.ru/match?sysid=adr&redir=no&uid=AOHOoxA6kuWQ4G4csuAbV5Q

Request Chain 127

http://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=aef54244-44e6-4888-9ce6-86fe5843e282 HTTP 301
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=aef54244-44e6-4888-9ce6-86fe5843e282 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=aef54244-44e6-4888-9ce6-86fe5843e282&tuid=-6151796416 HTTP 302
https://dmp.vihub.ru/match?sysid=adr&redir=no&uid=ABx9sGSkX6R72rAHUPReo1A

Request Chain 128

http://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=aef54244-44e6-4888-9ce6-86fe5843e282 HTTP 301
https://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=aef54244-44e6-4888-9ce6-86fe5843e282 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=aef54244-44e6-4888-9ce6-86fe5843e282&cs=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm=&google_tc= HTTP 302
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEMYFPh3IJ3JHNxOmSHr3LWI&google_gid=CAESEMYFPh3IJ3JHNxOmSHr3LWI&google_cver=1 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEMYFPh3IJ3JHNxOmSHr3LWI&google_gid=CAESEMYFPh3IJ3JHNxOmSHr3LWI&google_cver=1&cs=1

Request Chain 129

http://x01.aidata.io/0.gif?pid=VIHUB&id=aef54244-44e6-4888-9ce6-86fe5843e282 HTTP 302
http://x01.aidata.io/0.gif?pid=VIHUB&id=aef54244-44e6-4888-9ce6-86fe5843e282&bounce=1 HTTP 302
http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=

Request Chain 131

http://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=86e5b168-a2b5-4316-ad75-646237084f99 HTTP 301
https://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=86e5b168-a2b5-4316-ad75-646237084f99 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=86e5b168-a2b5-4316-ad75-646237084f99&cs=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm=&google_tc= HTTP 302
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEEpnlpziHUOagp57AvojPH8&google_gid=CAESEEpnlpziHUOagp57AvojPH8&google_cver=1 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEEpnlpziHUOagp57AvojPH8&google_gid=CAESEEpnlpziHUOagp57AvojPH8&google_cver=1&cs=1

Request Chain 132

http://x01.aidata.io/0.gif?pid=VIHUB&id=86e5b168-a2b5-4316-ad75-646237084f99 HTTP 302
http://x01.aidata.io/0.gif?pid=VIHUB&id=86e5b168-a2b5-4316-ad75-646237084f99&bounce=1 HTTP 302
http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=

Request Chain 134

http://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=86e5b168-a2b5-4316-ad75-646237084f99 HTTP 301
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=86e5b168-a2b5-4316-ad75-646237084f99 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=86e5b168-a2b5-4316-ad75-646237084f99&tuid=-5857214049 HTTP 302
https://dmp.vihub.ru/match?sysid=adr&redir=no&uid=AeiAgunP5E4PO1pnQOB38iw

Request Chain 162

https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync HTTP 302
https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync&bounce=1&random=3956012523

Request Chain 163

https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync HTTP 302
https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync&bounce=1&random=1069426459

Request Chain 164

https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync HTTP 302
https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync&bounce=1&random=1343826483

Request Chain 166

https://loadus.exelator.com/load/?p=204&g=1020&j=w HTTP 302
https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm HTTP 302
https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1 HTTP 301
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEOHU8meRzunG-380jklZgEc&google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1

Request Chain 169

https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus_id%26value%3D%24UID HTTP 302
https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=4420247395321800422

Request Chain 170

https://rtd-tm.everesttech.net/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul_id%26value%3D%24%7BUSER_ID%7D HTTP 302
https://rtd-tm.everesttech.net/ct/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul_id%26value%3D%24%7BUSER_ID%7D&_test=YPY2FwAAPahdBwAQ HTTP 302
https://idsync.frontend.weborama.fr/ids?key=tubemogul_id&value=YPY2FwAAPahdBwAQ

Request Chain 171

https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2_id%26value%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2_id%26value%3D%40USERID%40 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=criteov2_id&value=XtFbyv4rD7K3CJnvuqPIKrvqDUy0_RIj

Request Chain 172

https://pixel.mathtag.com/sync/img?mt_exid=10014&redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dmediamath_id%26value%3D%5BMM_UUID%5D HTTP 302
https://idsync.frontend.weborama.fr/ids?key=mediamath_id&value=a22360f6-3617-4f00-8c28-0b8cc2d1040a

Request Chain 173

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D&cklb=1

Request Chain 175

https://dx.frontend.weborama.com/collect?dsp_id=0&eid=qzH0uZXGiEer HTTP 302
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=qzH0uZXGiEer&bounce=1&random=3062129958

Request Chain 176

https://match.adsrvr.org/track/cmf/generic?ttd_pid=4n2tpwc&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=4n2tpwc&ttd_tpi=1 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=thetradedesk_id&value=035868b8-0000-4d06-98b8-762b705aaf1e

Request Chain 177

https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=qzH0uZXGiEer HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=qzH0uZXGiEer

Request Chain 178

https://cms.analytics.yahoo.com/cms?partner_id=WEBMA&gdpr=false HTTP 302
https://wam-yahoo.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=tp&d.k=yahoo_id&d.v=y-J1dLNwxE2oeX.CTYzFa5xZTy4hTzRdQDdDg-~A HTTP 302
https://idsync.frontend.weborama.fr/ids?key=yahoo_id&value=y-J1dLNwxE2oeX.CTYzFa5xZTy4hTzRdQDdDg-~A

Request Chain 180

https://p.crm4d.com/emt/sync/weborama?uid=XYrPZ7Dd1BXHpUJKIjfFZ. HTTP 303
https://p.crm4d.com/sync/weborama/match?uid=XYrPZ7Dd1BXHpUJKIjfFZ.

Request Chain 181

https://a.audrte.com/match?p=1468142154&uid=XYrPZ7Dd1BXHpUJKIjfFZ. HTTP 302
https://a.audrte.com/p

Request Chain 184

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=WFlyUFo3RGQxQlhIcFVKS0lqZkZaLg HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=WFlyUFo3RGQxQlhIcFVKS0lqZkZaLg&dcc=t

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm HTTP 302
https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1 HTTP 301
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEOHU8meRzunG-380jklZgEc&google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1

Request Chain 186

https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus_id%26value%3D%24UID HTTP 302
https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=1352431169615688835

Request Chain 187

https://rtd-tm.everesttech.net/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul_id%26value%3D%24%7BUSER_ID%7D HTTP 302
https://rtd-tm.everesttech.net/ct/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul_id%26value%3D%24%7BUSER_ID%7D&_test=YPY2FwAAPaldBgAQ HTTP 302
https://idsync.frontend.weborama.fr/ids?key=tubemogul_id&value=YPY2FwAAPaldBgAQ

Request Chain 188

https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2_id%26value%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2_id%26value%3D%40USERID%40 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=criteov2_id&value=7Jd1nVp85kg3XamPT9WjGtdh2FjHZmqc

Request Chain 189

https://pixel.mathtag.com/sync/img?mt_exid=10014&redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dmediamath_id%26value%3D%5BMM_UUID%5D HTTP 302
https://idsync.frontend.weborama.fr/ids?key=mediamath_id&value=cb6f60f6-3617-4300-b003-2bba481c7751

Request Chain 190

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D&cklb=1

Request Chain 191

https://match.adsrvr.org/track/cmf/generic?ttd_pid=4n2tpwc&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=4n2tpwc&ttd_tpi=1 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=thetradedesk_id&value=035868b8-0000-4d06-98b8-762b705aaf1e

Request Chain 192

https://cms.analytics.yahoo.com/cms?partner_id=WEBMA&gdpr=false HTTP 302
https://wam-yahoo.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=tp&d.k=yahoo_id&d.v=y-ijD0g6BE2odB5e2vLyTiaiUlYD3DIvXOXKQ-~A HTTP 302
https://idsync.frontend.weborama.fr/ids?key=yahoo_id&value=y-ijD0g6BE2odB5e2vLyTiaiUlYD3DIvXOXKQ-~A

Request Chain 194

https://loadus.exelator.com/load/?p=204&g=1020&j=w HTTP 302
https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1

Request Chain 197

https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Cdyj9Y28x3MJ HTTP 302
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Cdyj9Y28x3MJ&bounce=1&random=3995430291

Request Chain 198

https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=Cdyj9Y28x3MJ HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=Cdyj9Y28x3MJ

Request Chain 200

https://p.crm4d.com/emt/sync/weborama?uid=MLI/6VVvp8gq4CrRMBZOF. HTTP 303
https://p.crm4d.com/sync/weborama/match?uid=MLI%2F6VVvp8gq4CrRMBZOF.

Request Chain 201

https://a.audrte.com/match?p=1468142154&uid=MLI/6VVvp8gq4CrRMBZOF. HTTP 302
https://a.audrte.com/p

Request Chain 204

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=TUxJLzZWVnZwOGdxNENyUk1CWk9GLg HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=TUxJLzZWVnZwOGdxNENyUk1CWk9GLg&dcc=t

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm HTTP 302
https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1 HTTP 301
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEOHU8meRzunG-380jklZgEc&google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1

Request Chain 206

https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus_id%26value%3D%24UID HTTP 302
https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=3352680221727473115

Request Chain 207

https://rtd-tm.everesttech.net/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul_id%26value%3D%24%7BUSER_ID%7D HTTP 302
https://rtd-tm.everesttech.net/ct/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul_id%26value%3D%24%7BUSER_ID%7D&_test=YPY2FwAAPVFdCgAQ HTTP 302
https://idsync.frontend.weborama.fr/ids?key=tubemogul_id&value=YPY2FwAAPVFdCgAQ

Request Chain 208

https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2_id%26value%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2_id%26value%3D%40USERID%40 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=criteov2_id&value=-jnv-Kkbdgr4r-RTqLVwvFZ8UCSLC5g2

Request Chain 209

https://pixel.mathtag.com/sync/img?mt_exid=10014&redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dmediamath_id%26value%3D%5BMM_UUID%5D HTTP 302
https://idsync.frontend.weborama.fr/ids?key=mediamath_id&value=66a260f6-3617-4f00-94d9-8bb1327e8fc1

Request Chain 210

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D&cklb=1

Request Chain 212

https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Cdyj9Y28x3MJ HTTP 302
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Cdyj9Y28x3MJ&bounce=1&random=1034063952

Request Chain 213

https://match.adsrvr.org/track/cmf/generic?ttd_pid=4n2tpwc&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=4n2tpwc&ttd_tpi=1 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=thetradedesk_id&value=035868b8-0000-4d06-98b8-762b705aaf1e

Request Chain 214

https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=Cdyj9Y28x3MJ HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=Cdyj9Y28x3MJ

Request Chain 215

https://cms.analytics.yahoo.com/cms?partner_id=WEBMA&gdpr=false HTTP 302
https://wam-yahoo.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=tp&d.k=yahoo_id&d.v=y-91onCg1E2odZSk66iUsd_g14WHU_SmxCSeo-~A HTTP 302
https://idsync.frontend.weborama.fr/ids?key=yahoo_id&value=y-91onCg1E2odZSk66iUsd_g14WHU_SmxCSeo-~A

Request Chain 217

https://p.crm4d.com/emt/sync/weborama?uid=MLI/6VVvp8gq4CrRMBZOF. HTTP 303
https://p.crm4d.com/sync/weborama/match?uid=MLI%2F6VVvp8gq4CrRMBZOF.

Request Chain 218

https://a.audrte.com/match?p=1468142154&uid=MLI/6VVvp8gq4CrRMBZOF. HTTP 302
https://a.audrte.com/p

Request Chain 221

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=TUxJLzZWVnZwOGdxNENyUk1CWk9GLg HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=TUxJLzZWVnZwOGdxNENyUk1CWk9GLg&dcc=t

Request Chain 223

https://loadus.exelator.com/load/?p=204&g=1020&j=w HTTP 302
https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1

Request Chain 225

http://p.crm4d.com/sync/weborama.js?r=11845219724154379103&gdpr=&gdpr_consent= HTTP 302
https://p.crm4d.com/sync/weborama.js?r=11845219724154379103&gdpr=&gdpr_consent=

Request Chain 226

http://p.crm4d.com/sync/weborama.js?r=4072250536671280442&gdpr=&gdpr_consent= HTTP 302
https://p.crm4d.com/sync/weborama.js?r=4072250536671280442&gdpr=&gdpr_consent=

Request Chain 227

http://p.crm4d.com/sync/weborama.js?r=6634545022950505988&gdpr=&gdpr_consent= HTTP 302
https://p.crm4d.com/sync/weborama.js?r=6634545022950505988&gdpr=&gdpr_consent=

Request Chain 232

https://ib.adnxs.com/getuid?https%3A%2F%2Fp.crm4d.com%2Fsync%2Fappnexus%2Fs.gif%3Fbounce%3D1%26uid%3D%24UID HTTP 302
https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=3352680221727473115

Request Chain 233

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1

Request Chain 235

https://ib.adnxs.com/getuid?https%3A%2F%2Fp.crm4d.com%2Fsync%2Fappnexus%2Fs.gif%3Fbounce%3D1%26uid%3D%24UID HTTP 302
https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=3352680221727473115

Request Chain 236

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1

Request Chain 238

https://ib.adnxs.com/getuid?https%3A%2F%2Fp.crm4d.com%2Fsync%2Fappnexus%2Fs.gif%3Fbounce%3D1%26uid%3D%24UID HTTP 302
https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=3352680221727473115

Request Chain 239

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1

Request Chain 240

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=83132076&utmhn=www.repetitor.ua&utmt=event&utme=5(Time*Log*0%3A10)&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&utmhid=670198763&utmr=-&utmp=%2F&utmht=1626748449552&utmac=UA-24521833-1&utmcc=__utma%3D235781890.1639173600.1626748430.1626748430.1626748430.1%3B%2B__utmz%3D235781890.1626748430.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6AAAAAAAAAAAAAAAAAAAAAgE~ HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=83132076&utmhn=www.repetitor.ua&utmt=event&utme=5(Time*Log*0%3A10)&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&utmhid=670198763&utmr=-&utmp=%2F&utmht=1626748449552&utmac=UA-24521833-1&utmcc=__utma%3D235781890.1639173600.1626748430.1626748430.1626748430.1%3B%2B__utmz%3D235781890.1626748430.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6AAAAAAAAAAAAAAAAAAAAAgE~

237 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.repetitor.ua/
Redirect Chain

http://www.planeta.vika.repetitor.ua/External/redirect.aspx
http://www.repetitor.ua/

57 KB
19 KB

4441ms
4426ms

Document
text/html

2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3b62256bc652e1b54ed253072efdfa3969117225af135bedff05f6a62060af37

Request headers

Host: www.repetitor.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: Rep-UsrCk1001=lv=1/1/1999 12:00:00 AM&mra=7/20/2021 5:33:43 AM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
X-AspNet-Version: 2.0.50727
Set-Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; domain=repetitor.ua; expires=Wed, 20-Jul-2022 02:33:47 GMT; path=/ SoftLizard-LastVisitUpdated-1001=; path=/ Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; domain=repetitor.ua; expires=Wed, 20-Jul-2022 02:33:47 GMT; path=/ Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; domain=repetitor.ua; expires=Wed, 20-Jul-2022 02:33:47 GMT; path=/
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2Fi9katLYG2UPo5yVLKW1OUXHY66d7PFr7L6Mkw0x%2BZgU2pmGlAX2hYOEITw9PqC4Ly3FZ3AplHjOH8%2FKJ8nCwF%2FEJBr%2B1ZlyjAqLUoxNeiusbuqCPkhWk9QyuyFJH6lCelWtvAjUdZ1md3uwFoS"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6718c958cafa05bf-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Cache-Control: private
Content-Length: 222
Content-Type: text/html; charset=windows-1251
Content-Encoding: gzip
Location: http://www.repetitor.ua/
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Set-Cookie: Rep-UsrCk1001=lv=1/1/1999 12:00:00 AM&mra=7/20/2021 5:33:43 AM; domain=repetitor.ua; expires=Wed, 20-Jul-2022 02:33:43 GMT; path=/ SoftLizard-LastVisitUpdated-1001=; path=/ Rep-UsrCk1001=lv=1/1/1999 12:00:00 AM&mra=7/20/2021 5:33:43 AM; domain=repetitor.ua; expires=Wed, 20-Jul-2022 02:33:43 GMT; path=/
X-Powered-By: ASP.NET
Date: Tue, 20 Jul 2021 02:33:42 GMT

GET
H/1.1 200
OK common.css
www.repetitor.ua/Themes/repua/style/ 63 KB
13 KB 23ms
17ms Stylesheet
text/css 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e5e3ec67a5d9f8f0652f41053191a029148a3a03026c26f367c7d3fffaeeec9a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.repetitor.ua/
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 425
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 12675
Last-Modified: Thu, 14 Apr 2011 09:00:00 GMT
Server: cloudflare
ETag: "0a8a85582facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bt7pZuT%2B%2Bd8I2mtAUBp4UyqEJ1OykDFfnxJJDHRC7kQzFqOd6vRtdbAAWr80DhQUgNYpEi09p4xejmM3TrM4bO9ti52CsTGF3xqBlbL9PGzvn%2F6rZ4CKxGS69K%2FscP4Ck2dld2rN8yJo0y8AKPvK"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c9748f0c4e1a-FRA

GET
H/1.1 200
OK domen_ads.js Show response
repetitor-ua.advon.net/ 2 KB
1008 B 126ms
92ms Script
application/x-javascript 91.203.4.181
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://repetitor-ua.advon.net/domen_ads.js
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 91.203.4.181 Kyiv, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 13f933f2c58b975d3d7afb791cf6010c7606b9b70120f2181d8a2bc88f531efe

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Mar 2020 13:46:55 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: keep-alive
Keep-Alive: timeout=7

GET
H/1.1 200
OK es5-shims.min.js Show response
yastatic.net/es5-shims/0.0.2/ 3 KB
2 KB 84ms
41ms Script
application/x-javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

http://yastatic.net/es5-shims/0.0.2/es5-shims.min.js

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

HTTP/1.1

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Encoding: gzip
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Transfer-Encoding: chunked
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Connection: keep-alive
X-Nginx-Request-Id: 116794e6b10c4031
Last-Modified: Thu, 25 Oct 2018 11:27:00 GMT
Server: nginx/1.17.9
Etag: W/"32e3b4f3a8f6048da9934fec1ca08cea"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216013
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Expires: Thu, 22 Jul 2021 14:32:31 GMT

GET
H/1.1 200
OK share.js Show response
yastatic.net/share2/ 144 KB
37 KB 84ms
42ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

http://yastatic.net/share2/share.js

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

HTTP/1.1

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8e96268766735ae11a87d1e3bea4e681b0b05e3afa54d79806dc1f550597fa15

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Transfer-Encoding: chunked
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 24 May 2021 12:18:35 GMT
Server: nginx/1.17.9
Etag: W/"bcd00e6750a3b5b8b79248b4c2e87b60"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216009
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Expires: Thu, 22 Jul 2021 14:31:14 GMT

POST
H2 200 z Show response
s.zmctrack.net/ Frame 5E92 16 B
452 B 164ms
51ms XHR
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: a0e0fe6fc83308dd8ad5b35fa674e8db901b5cd09fe5b21fce854ad8530162bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Jul 2021 02:33:49 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://www.repetitor.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
cache-control: no-cache, no-store
x-check: b2aa992093b285588d54b5c0649b2478
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 16
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6386
date: Tue, 20 Jul 2021 00:47:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 20 Jul 2021 02:47:23 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H3-29

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=535650005&utmhn=www.repetitor.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=535650005&utmhn=www.repetitor.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...

35 B
54 B

23ms
20ms

Image
image/gif

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=535650005&utmhn=www.repetitor.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&utmhid=670198763&utmr=-&utmp=%2F&utmht=1626748429578&utmac=UA-24521833-1&utmcc=__utma%3D235781890.1255959449.1626748430.1626748430.1626748430.1%3B%2B__utmz%3D235781890.1626748430.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1389274234&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=535650005&utmhn=www.repetitor.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&utmhid=670198763&utmr=-&utmp=%2F&utmht=1626748429578&utmac=UA-24521833-1&utmcc=__utma%3D235781890.1255959449.1626748430.1626748430.1626748430.1%3B%2B__utmz%3D235781890.1626748430.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1389274234&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK ua.gif
www.repetitor.ua/Themes/repua/images/rep/ 293 B
1 KB 11ms
9ms Image
image/gif 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/Themes/repua/images/rep/ua.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f04c53cdf173028fe6e3c15285a9cf48d37aec4feda799bfce5405be883547bb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1910
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 293
Last-Modified: Thu, 14 Apr 2011 09:00:00 GMT
Server: cloudflare
ETag: "0a8a85582facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0f47tqLv4GFog%2FMhXPrKiGkLTWHlezm0s9bHiuDPKB%2FrEbi%2FRu6q8E69I9%2BM1rBs5qXgSs%2BANE3Nby0ly5uYd9qvPlyOHWuQL0XhM3F66NzIFTdMNgG0X2kweixbKC2%2BLe17galFJmis5rF0OJJO"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c974ef7b4e1a-FRA

GET
H/1.1 200
OK en.gif
www.repetitor.ua/Themes/repua/images/rep/ 404 B
1 KB 27ms
20ms Image
image/gif 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/Themes/repua/images/rep/en.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d0691ec8393044cf6c3456eb07d1e802c6031dc61f269eba5df3d62db25117d4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1910
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 404
Last-Modified: Thu, 14 Apr 2011 09:00:00 GMT
Server: cloudflare
ETag: "0a8a85582facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdndO%2B4VhboG2%2B9sC6Ynv%2FB5UxIYyZz3f7ual%2FF886yuTD%2Fl3Xc%2FRKy%2FslA9y3mEVDXf3DgPy9bxVODJ%2BPGj%2F6fVzimKnsIuqgovWiQ%2BMZbGlI3AGhUHh9j%2FjvjT292X%2BikthfKIIhX%2B1p6foTCc"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c974ec831f11-FRA

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
25 KB 14ms
6ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 14:19:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 44089
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 24715
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 19 Jul 2022 14:19:00 GMT

GET
H/1.1 200
OK swfobject.js Show response
b.c8.net.ua/b/js/ 0
253 B 333ms
57ms Script
application/x-javascript 212.1.66.239
UKRPACK

General

Check archive.org

Show headers Download Go to

Full URL: https://b.c8.net.ua/b/js/swfobject.js
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.1.66.239 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:37:16 GMT
Last-Modified: Fri, 23 Jun 2017 14:05:47 GMT
x-direct: true
ETag: "594d203b-0"
Content-Type: application/x-javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Server: nginx

GET
H/1.1 200
OK sys.js Show response
b.c8.net.ua/b/js/ 33 KB
33 KB 386ms
104ms Script
application/x-javascript 212.1.66.239
UKRPACK

General

Check archive.org

Show headers Download Go to

Full URL: https://b.c8.net.ua/b/js/sys.js
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.1.66.239 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
Software: nginx /
Resource Hash: b0a740b67b3e9f868641878f61e64724977b0d493a93d2a8ad8dc54ea8e4e30c

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:37:16 GMT
Last-Modified: Fri, 14 Apr 2017 14:00:54 GMT
x-direct: true
ETag: "58f0d616-82f8"
Content-Type: application/x-javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 33528
Server: nginx

GET
H/1.1 200
OK Cookie set avatar.aspx
www.repetitor.ua/users/ 6 KB
7 KB 1183ms
1177ms Image
image/jpeg 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/users/avatar.aspx?userid=87140
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: acf7d7667c3d9c7bee496f4ffe55667c8187786a828a5dcc0f0862b107181b4c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 6214
Server: cloudflare
Vary: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lY%2FzIUvHrbN6fU1sDMVdc1BBDGAaagMJ2oIyvec%2Bhr0QadcMGJQ7VESKWCX1w6L%2BQ9VNaPlJ7Poch3opyN92WdL3x7yP8dlZGB0wYnHOug0CrZjFMdql%2FCOkk1bxWnWk9Cy%2BnpGIl%2BFFFO1zJQwQ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/Jpeg
Cache-Control: public
Set-Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:49 AM&lang=ru; domain=repetitor.ua; expires=Wed, 20-Jul-2022 02:33:49 GMT; path=/
CF-RAY: 6718c974e9d92c19-FRA
Expires: Tue, 20 Jul 2021 03:03:49 GMT

GET
H/1.1 200
OK fallout.jpg
www.repetitor.ua/restroom/ 4 KB
5 KB 32ms
26ms Image
image/jpeg 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/restroom/fallout.jpg
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0a498251439b9b78d0f4a803f6d77b467662faa0a8453f77adf6ef2422ff6acf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2061
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 3992
Last-Modified: Wed, 13 Apr 2011 21:53:53 GMT
Server: cloudflare
ETag: "c18cb4725facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69CMzVm5HTufFN1vqlDnHkECHQicFNJufZxoQ3eki2ZUZaIeGWJ%2Fi0pwNwooghV2UiK%2B89dF58GRsYmmF1zOhN31Fhm8UV%2BLPH%2FGNAGG3z3jZDbVe9TM5eDagXGW9OLmfB2CNC2bxgDUP1uNT%2Fy7"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c974e84205b7-FRA

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 138 B
429 B 112ms
95ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.bigmir.net/?s124528&t0&l1&o1
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 878747913894b9869238d7b2990da81fd427379ed55d1d38961482c6ea2e35ab

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:49 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H/1.1 200
OK logo
counter.yadro.ru/ 229 B
450 B 135ms
119ms Image
image/gif 88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.yadro.ru/logo?14.10
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host198.rax.ru
Software: 0W/0.8c /
Resource Hash: 1e60e920b3d344763f13b26c467a14384b47366613e72ed96e79e627cb647fd1

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:51 GMT
Server: 0W/0.8c
Content-Type: image/gif
Cache-control: no-cache
Connection: Close
Content-Length: 229
Expires: Sun, 19 Jul 2020 21:00:00 GMT

GET
H2

200

top100.cnt
counter.rambler.ru/
Redirect Chain

http://counter.rambler.ru/top100.cnt?829511
https://counter.rambler.ru/top100.cnt?829511

43 B
583 B

190ms
63ms

Image
image/gif

81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.rambler.ru/top100.cnt?829511
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:49 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
x-srv: 2node0035.top100.rambler.tech
access-control-allow-credentials: true
content-type: image/gif, image/gif
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
Server: nginx/1.19.4
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Location: https://counter.rambler.ru/top100.cnt?829511
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html
Access-Control-Allow-Headers: content-type
Content-Length: 171

GET
H/1.1 200
OK banner-88x31-rambler-gray2.gif
www.repetitor.ua/utility/images/ 939 B
2 KB 11ms
10ms Image
image/gif 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/utility/images/banner-88x31-rambler-gray2.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 34eb037aca76eb2515a191c6a6543c65a9a37e30253d35d7122c8e48e9bef880

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1907
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 939
Last-Modified: Wed, 13 Apr 2011 21:56:05 GMT
Server: cloudflare
ETag: "a9423e9625facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xijYuO4LISULVx%2Bcb66xhqM7nMuO42SgVG6tY%2FyRWbbpGWgyVOAbwxXqdwJD%2BBFDzjm%2FmOPQ8m%2B1lyhIuISK5B%2F%2BGQeczqnadY5dW%2B0ARdj1EMtLaNMETt3dRyHkNRO2aO7htd1yUIFJUzMaYJSG"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c975186805b7-FRA

GET
H/1.1

200
OK

v_blue_on_white_ru.png
megastock.ru/doc/Logo/
Redirect Chain

http://www.megastock.ru/doc/Logo/v_blue_on_white_ru.png
https://megastock.ru/doc/Logo/v_blue_on_white_ru.png

805 B
1 KB

323ms
89ms

Image
image/png

91.227.52.186
ASCOM4S

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://megastock.ru/doc/Logo/v_blue_on_white_ru.png

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.227.52.186 Moscow, Russian Federation, ASN56806 (ASCOM4S, RU),

Reverse DNS

Software

openresty / ASP.NET

Resource Hash

a8cb1a292789f28237522e7564bbe347e5eb9c76bec1f8e9d7a414ca4cff86ec

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
ETag: "d6a1a1c9edbce1:0"
Last-Modified: Thu, 07 Nov 2013 09:45:36 GMT
Server: openresty
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 805

Redirect headers

Location: https://megastock.ru/doc/Logo/v_blue_on_white_ru.png
Date: Tue, 20 Jul 2021 02:33:49 GMT
Server: openresty
Connection: keep-alive
Content-Length: 166
Content-Type: text/html

GET
H/1.1 200
OK jPlugins.js Show response
www.repetitor.ua/utility/js/ 45 KB
21 KB 11ms
11ms Script
application/x-javascript 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.repetitor.ua/utility/js/jPlugins.js?ver=1
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2aebba5c2160f83e6157e0440241af2378e3c6bf29c917cd3d983c8af331a96a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.repetitor.ua/
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1910
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 20924
Last-Modified: Wed, 13 Apr 2011 21:56:05 GMT
Server: cloudflare
ETag: "808269625facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FE1pcA%2FUnTS63H68%2F5sSWBai7r98%2FuPLLZLxnF3qFDMkU5lJlMx%2BmMCMZUaareOcl0vSYJpK3dWLlsZIhYMo7dC%2FPpb9CKzZQUIfD9mHB4cCive%2B0jTtU7UH8l3YmhoO0vQc3kFrLXpX4oCa3MZ"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c975085805bf-FRA

GET
H/1.1 200
OK rep.js Show response
www.repetitor.ua/utility/js/ 34 KB
10 KB 16ms
15ms Script
application/x-javascript 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.repetitor.ua/utility/js/rep.js?ver=1
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cb4f20b419454f628dfc497497507747a130988034fc7cca261ac6ab48a6273d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.repetitor.ua/
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 623
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 9496
Last-Modified: Wed, 13 Apr 2011 21:56:05 GMT
Server: cloudflare
ETag: "808269625facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RRyKwCbb%2FaViMFjSLgiAW0mkXuB1xWxCo4fc6e4z2ph%2ByDOIvRLgHS2CGgH9WOVwnWzoQFodxXbesSM8OIhXq4S5HdPzVbRKDp2MR%2BUNoYQ2fL00No9fFLlOVRqxC0Kvi0bbfy5uKGP%2BI39be1k"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c9750ca11f11-FRA

GET
H/1.1 200
OK notification-modal.js Show response
advon.net/push/ 531 B
1 KB 34ms
20ms Script
application/x-javascript 2606:4700:3032::6815:5ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://advon.net/push/notification-modal.js
Requested by: Host: repetitor-ua.advon.net
URL: http://repetitor-ua.advon.net/domen_ads.js
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:5ad0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1304280e4ae3bb5eca45cfc6395745eeb64273e571485e54976d866053f0742f

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 22 Apr 2020 12:32:22 GMT
Server: cloudflare
Age: 4209
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gerj5TXAHVXXl8aNx16XCCSKMP%2BHYJc%2BbEGDAOpIXA%2Bs47GMlvxRWYUNi94dvQAwe8qSMj3JK6OzuE6Rz6GfMt%2FwB%2FRby6dDdHzQ9nwPdBSJsodeToV4dD0tz2afF2YrdI5WmN2i12U%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6718c9758d04dff7-FRA
NEL: {"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK loader2.js Show response
cdn.admixer.net/scripts3/ 86 KB
30 KB 14ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: bdbb30054481cf1c2323aeba0ee8fe39193814a97dba31a0b1ae39d9bb4473ae

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc33
Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 08:09:48 GMT
Server: nginx
ETag: W/"60f13ecc-156e9"
Transfer-Encoding: chunked
X-Cached-Since: 2021-07-20T02:31:29+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Cache: HIT
Connection: keep-alive
Expires: Fri, 16 Jul 2021 08:24:11 GMT

GET
H/1.1 200
OK mm2.gif
www.repetitor.ua/Themes/repua/images/repN/ 296 B
1 KB 11ms
10ms Image
image/gif 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/Themes/repua/images/repN/mm2.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4bfb40e066591504022cb2a02a2d96921b92084686b2bb51a0f8df556647b0a2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1505
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 296
Last-Modified: Thu, 14 Apr 2011 09:00:00 GMT
Server: cloudflare
ETag: "0a8a85582facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUsA32kgXESNWJS3v2LnEd1eHtPU7TgIkJ7l97Ggz79f9282TuazCCzHsCnhfOOm6ejv908BX2NJvFymVwaEjI51qW7%2Bh3qMSS4uPxuBvNX%2BqUQYxrN%2BRpdnfos2aloNTHGjjdmer7E%2FUn06%2F1qo"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c97588cc05b7-FRA

GET
H/1.1 200
OK mm1.gif
www.repetitor.ua/Themes/repua/images/repN/ 296 B
1 KB 12ms
10ms Image
image/gif 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/Themes/repua/images/repN/mm1.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 82f5f5d6248f8a69ad1b304791bdcd481473f6a7adf3fd44dfb7c2ae8f3c92ff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1909
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 296
Last-Modified: Thu, 14 Apr 2011 09:00:00 GMT
Server: cloudflare
ETag: "0a8a85582facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SA%2FG8JKlPOBc0hy%2F2ZOEGtXBeGelv5jAa3AEc4%2BzAvB9mh1qfiXGFmhDA%2FFPzeRx%2BLFGdcdDB4KohHYzStBrRXEeFP5b%2BkvH%2FoLFzHz9TkgpneWIl93FvuSIWvBSviBRggE9Gcag2NGFOgqshF9z"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c9758d031f11-FRA

GET
H/1.1 200
OK resources.jpg
www.repetitor.ua/Themes/repua/images/repN/ 15 KB
16 KB 11ms
10ms Image
image/jpeg 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/Themes/repua/images/repN/resources.jpg
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0844db4bf9d6c3c1cbdacc486c86acd460b36a8a5864f9975e784991a2d356f4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1504
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 15707
Last-Modified: Thu, 14 Apr 2011 09:00:00 GMT
Server: cloudflare
ETag: "0a8a85582facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKXxK%2BLOlXsrDYMLkOeLGg%2FV1Q16xXhQjldKGvrSgyQzRKt6FmIHdTrRRqYC0UVtkt%2F8NZMOH1xUL5zBkWNy8GNj8hDj07i4zJuvzAABE8eO5jL3q3pD5pOGoB%2Fwq%2B0oDdJO1%2FF7k5x%2FHzu53%2B6b"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c975883e4e1a-FRA

GET
H/1.1 200
OK icons.gif
www.repetitor.ua/Themes/repua/images/repN/ 7 KB
8 KB 23ms
10ms Image
image/gif 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/Themes/repua/images/repN/icons.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f749f5beeca545ef24016324e3da06bd4bf9c688b69ddbf72113e16e488378f2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1503
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 7239
Last-Modified: Thu, 14 Apr 2011 09:00:00 GMT
Server: cloudflare
ETag: "0a8a85582facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fxakg%2FY3kSAMT3HPa5Y8cvPKn822MU5I3QoT7pscjoTNFZ502CgAkV%2BMXSGxYYc0%2BiH96HuBsW96lZkidMtSpwgwWtraZkNYpQCFIpjJnj8DdhiUW%2FKcBHUC6klKU72l9qdD%2FuLbEZx9ELBNaWNb"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c97598dc05b7-FRA

GET
H/1.1 200
OK mm.gif
www.repetitor.ua/Themes/repua/images/repN/ 296 B
1 KB 12ms
11ms Image
image/gif 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/Themes/repua/images/repN/mm.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 50de0516cd0fc84dc3486043041447a0fccc8a7eeb91d38572f34e8781e0a0d0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1909
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 296
Last-Modified: Thu, 14 Apr 2011 09:00:00 GMT
Server: cloudflare
ETag: "0a8a85582facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjd%2FRm4aiLLmSTDzpryjAw00WHNs7qYLKrqF5KBI%2FONHCutsxcBv97PqHqmwelzJGU2tzYyS7nzbwbt6xKlyKWvjxOWXnRuvjgQdlgpaAtZiGxQfElAlKiSFEFpFwYrCBx2AWbhGafa%2FpfDK8JH4"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c97588d605bf-FRA

GET
H/1.1 200
OK mm_topline.gif
www.repetitor.ua/Themes/repua/images/repN/ 178 B
981 B 21ms
15ms Image
image/gif 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/Themes/repua/images/repN/mm_topline.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 630ea5693710d90aed4d37110636019fd07af511142346085a40902b53c31996

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1504
x-powered-by: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 178
last-modified: Thu, 14 Apr 2011 09:00:00 GMT
Server: cloudflare
etag: "0a8a85582facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zvfgAY%2BDJ2psXJduPM%2Fy9zjd8osx7Q3IHGrC5atC1%2FSI7Yc5406SaNC0DiDQoenJoJkXX8Oh6J0LFRFtljsdRYB%2Bc9I4b22FtuG5f76GpLc1B%2FKqaIilRUwnRLXfWNjCzeEQnxUjc1oMz6nZOzq"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c9759bf54e3e-FRA

GET
H/1.1 200
OK mm_bottomline.gif
www.repetitor.ua/Themes/repua/images/repN/ 178 B
979 B 27ms
13ms Image
image/gif 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/Themes/repua/images/repN/mm_bottomline.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f76a7cd4d198acd506463308fe0ef69b15c192779898b874b82d0884f27e561a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1504
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 178
Last-Modified: Thu, 14 Apr 2011 09:00:00 GMT
Server: cloudflare
ETag: "0a8a85582facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZX74Yxy6yj2ir65Hrn0e0f31IglfPlgRlFuEh4mioVP%2BrNw0XMzWjcTFxqseZAuBky4by617kPZOOmv3P%2BCAZ3bAX%2BBmbiHujzK%2B9o34FuzE6doNVbyHDOVbDhh2JhtQK9SDTaaiStniJAgtARm"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c975ad181f11-FRA

GET
H/1.1 200
OK 728x90.htm Show response
icode.advon.net/ Frame 0024 140 B
372 B 121ms
97ms Document
text/html 91.203.4.181
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://icode.advon.net/728x90.htm
Requested by: Host: repetitor-ua.advon.net
URL: http://repetitor-ua.advon.net/domen_ads.js
Protocol: HTTP/1.1
Server: 91.203.4.181 Kyiv, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 3d3dc9cade60878bfab820a1d0f79be96e4449d99dd0b42adae01cb74fcb344f

Request headers

Host: icode.advon.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.repetitor.ua/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.repetitor.ua/

Response headers

Server: nginx
Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Type: text/html
Content-Length: 140
Last-Modified: Fri, 06 Mar 2020 13:47:41 GMT
Connection: keep-alive
Keep-Alive: timeout=7
Accept-Ranges: bytes

GET
H/1.1 200
OK blocks.gif
www.repetitor.ua/Themes/repua/images/rep/smoky/ 3 KB
4 KB 15ms
10ms Image
image/gif 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/Themes/repua/images/rep/smoky/blocks.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4a2d9cc9d3486f131787ba714be11a91b158dccfb7aeaa3b53346f3bee01fba9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1502
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 3220
Last-Modified: Thu, 14 Apr 2011 09:00:00 GMT
Server: cloudflare
ETag: "0a8a85582facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BD1%2Frx0ZiLWrqjdbeYtaTqEFYc9LsRRK%2FcVcYIjeXkvs2wogUcYaisAVdBDgR5XHQZDFV2OnrsT%2FySPIxWoz%2B4tmRqJrHLWMaA9JwA7v%2BJIBBVChmHZZKplhnVCOJSUnvSSZMHXsosHy6kX2sCCF"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c97598524e1a-FRA

GET
H/1.1 200
OK mainIcons.jpg
www.repetitor.ua/Themes/repua/images/repN/ 29 KB
29 KB 20ms
15ms Image
image/jpeg 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/Themes/repua/images/repN/mainIcons.jpg
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0add324a9dbd8979d7421e3f84c2f870641d3d6111528850a71b13e03447bbbc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1503
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 29386
Last-Modified: Thu, 14 Apr 2011 09:00:00 GMT
Server: cloudflare
ETag: "0a8a85582facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pfh%2BpGdRO%2BawcpIvkRZgSFsV854jxagGGC6y6jOCeKPqkoRQYxz%2B5t7qsC0NX0p0DUTEDvPTgsxvp7WHX0vCVjit%2BE1ewk%2FXSvs7Ubb8AdDM%2Fjw%2FL0DbirT48xdtnOyEqLARFfMN6TpyMkZwC4vi"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c97598ee05bf-FRA

GET
H/1.1 200
OK gr_header.gif
www.repetitor.ua/Themes/repua/images/rep/smoky/ 92 B
902 B 25ms
12ms Image
image/gif 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/Themes/repua/images/rep/smoky/gr_header.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 04589237737f7fb0ba10f352cc9134459832c755af8fcc6b95bf02a54fb606cd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
Cookie: Rep-UsrCk1001=lv=7/20/2021 5:33:43 AM&mra=7/20/2021 5:33:47 AM&lang=ru; SoftLizard-LastVisitUpdated-1001=; __utma=235781890.1255959449.1626748430.1626748430.1626748430.1; __utmc=235781890; __utmz=235781890.1626748430.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=235781890.1.10.1626748430
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/Themes/repua/style/common.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1907
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 92
Last-Modified: Thu, 14 Apr 2011 09:00:00 GMT
Server: cloudflare
ETag: "0a8a85582facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ln1%2BUfQhY44nhGPrlAlUAukdiORQX4oM%2FLTOSSn1kX6sjDeCgjb0%2BToeMF0mGbflsspZO7bO4xp6%2FB%2FR%2Bgydl%2BaIjteOi4GwoNUqbwUgGRzQxx1mnHmQSb7%2Buw0jSrMI0w8tx8wsDcO%2FGbXUXObC"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c975ac054e3e-FRA

GET
H/1.1 200
OK 728x90.htm Show response
icode.advon.net/ Frame 8EE3 140 B
372 B 112ms
95ms Document
text/html 91.203.4.181
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://icode.advon.net/728x90.htm
Requested by: Host: repetitor-ua.advon.net
URL: http://repetitor-ua.advon.net/domen_ads.js
Protocol: HTTP/1.1
Server: 91.203.4.181 Kyiv, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 3d3dc9cade60878bfab820a1d0f79be96e4449d99dd0b42adae01cb74fcb344f

Request headers

Host: icode.advon.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.repetitor.ua/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.repetitor.ua/

Response headers

Server: nginx
Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Type: text/html
Content-Length: 140
Last-Modified: Fri, 06 Mar 2020 13:47:41 GMT
Connection: keep-alive
Keep-Alive: timeout=7
Accept-Ranges: bytes

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/ Frame 6D5A 637 B
538 B 20ms
6ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c.html
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345

Request headers

:method: GET
:authority: cdn.admixer.net
:scheme: https
:path: /scripts3/c.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.repetitor.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.repetitor.ua/

Response headers

server: nginx
date: Tue, 20 Jul 2021 02:33:49 GMT
content-type: text/html
last-modified: Fri, 16 Jul 2021 08:09:43 GMT
vary: Accept-Encoding
etag: W/"60f13ec7-27d"
expires: Sun, 17 Jul 2022 08:14:09 GMT
cache-control: max-age=31622400
access-control-allow-origin: *
cache: HIT
x-cached-since: 2021-07-16T08:14:09+00:00
x-id: fr5-up-gc36
content-encoding: gzip

GET
H/1.1 200
OK 306443839e6ad02abd2f.b.js Show response
cdn.admixer.net/scripts3/ 82 KB
23 KB 9ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/306443839e6ad02abd2f.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0e671a70fbf1155ed9ec58398fb6d144360a73646429e52701ef584533fbb610

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc33
Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 08:09:35 GMT
Server: nginx
ETag: W/"60f13ebf-14745"
Vary: Accept-Encoding
X-Cached-Since: 2021-07-16T08:15:02+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Sun, 17 Jul 2022 08:15:02 GMT

GET
H/1.1 200
OK 707d26dd5c625cf234ec.b.js Show response
cdn.admixer.net/scripts3/ 92 KB
26 KB 14ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/707d26dd5c625cf234ec.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d2fb1c42b4414cff2a3fd0328cfad989eb020089da905f2a53ce51b0f34da3df

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc36
Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 08:09:38 GMT
Server: nginx
ETag: W/"60f13ec2-17107"
Vary: Accept-Encoding
X-Cached-Since: 2021-07-16T08:14:36+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Sun, 17 Jul 2022 08:14:36 GMT

GET
H/1.1 200
OK 51807.js Show response
farension.com/ 42 KB
17 KB 118ms
47ms Script
application/javascript 88.208.46.48
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://farension.com/51807.js
Requested by: Host: advon.net
URL: http://advon.net/push/notification-modal.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.48 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 40a9129b820db4f2e17eaddb40da1938d148913ec8b803b4c63b6ac9ac6fb313

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK bn.php Show response
am15.net/ Frame 8EE3 5 KB
3 KB 125ms
99ms Script
text/javascript 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/bn.php?s=32203&f=6&d=38106
Requested by: Host: icode.advon.net
URL: http://icode.advon.net/728x90.htm
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 632ffa963cb713d0621dd9aa33a564e61df82f951160f524cd238ff310b5125b

Request headers

Referer: http://icode.advon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 02:33:49 GMT
Server: openresty
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/javascript; charset=windows-1251
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK bn.php Show response
am15.net/ Frame 0024 5 KB
3 KB 122ms
97ms Script
text/javascript 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/bn.php?s=32203&f=6&d=38106
Requested by: Host: icode.advon.net
URL: http://icode.advon.net/728x90.htm
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 100a2174e55e3fbb96fb85d76f0b787847dc2ac55cd06a2b40a01035e6d4f4a3

Request headers

Referer: http://icode.advon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 02:33:49 GMT
Server: openresty
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/javascript; charset=windows-1251
Expires: Tue, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK 34169 Show response
farension.com/ 3 KB
4 KB 45ms
44ms Fetch
application/json 88.208.46.48
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://farension.com/34169
Requested by: Host: farension.com
URL: https://farension.com/51807.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.48 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b5254fa851a0f265c4144e39384aeafb90850ae7e0fdbe104b9fb19221c651a4

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:49 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://www.repetitor.ua
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

POST
H/1.1 200
OK set
farension.com/event/ 0
0 33ms
33ms Fetch
text/html 88.208.46.48
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://farension.com/event/set
Requested by: Host: farension.com
URL: https://farension.com/51807.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.48 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://www.repetitor.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

GET
H/1.1 200
OK uid.php Show response
am15.net/x/ Frame 2C4C 2 KB
1 KB 57ms
57ms Document
text/html 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/x/uid.php?rand=1046832132&uid=TKlNpoQ
Requested by: Host: am15.net
URL: http://am15.net/bn.php?s=32203&f=6&d=38106
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 37a3462d560acc18128025d8e3864e2937f166a47c36b542ba603a8d179efdb0

Request headers

Host: am15.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://icode.advon.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://icode.advon.net/

Response headers

Server: openresty
Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:49 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

GET
H/1.1 200
OK Cookie set fpx.php Show response
am15.net/x/ Frame 3579 3 KB
2 KB 56ms
56ms Document
text/html 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=172818430
Requested by: Host: am15.net
URL: http://am15.net/bn.php?s=32203&f=6&d=38106
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 5198a754fa5484ddf6d055b51d607852250e047b252985d3b02d67b7f2a3391a

Request headers

Host: am15.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://icode.advon.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://icode.advon.net/

Response headers

Server: openresty
Date: Tue, 20 Jul 2021 02:33:49 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:49 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: *
Set-Cookie: a6d39=1; expires=Tue, 20-Jul-2021 03:03:49 GMT; Max-Age=1800; path=/; domain=.am15.net
Content-Encoding: gzip

GET
H/1.1 200
OK dsp Show response
am15.net/ssp/ Frame 0024 511 B
624 B 766ms
745ms Script
application/javascript 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/ssp/dsp?upst=j9ouyBm.sBbx2J_Ty7nn&site=32203&height=90&width=728&block=ambn38106&ref=http%3A%2F%2Ficode.advon.net%2F&title=&js=1&time=1626748429&ctype=undefined
Requested by: Host: am15.net
URL: http://am15.net/bn.php?s=32203&f=6&d=38106
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty /
Resource Hash: 1b98d24bc1e0a07709abb0b918c3ea4922efbf45f6610898bf56c15618aab81d

Request headers

Referer: http://icode.advon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive

GET
H/1.1 200
OK uid.php Show response
am15.net/x/ Frame 16B0 2 KB
1 KB 112ms
104ms Document
text/html 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/x/uid.php?rand=1191294763&uid=vzk62rd
Requested by: Host: am15.net
URL: http://am15.net/bn.php?s=32203&f=6&d=38106
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 13eb95f2816f660f36ad7e22d95a8a96da677a53e71ea0db6961d841fccd509d

Request headers

Host: am15.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://icode.advon.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://icode.advon.net/

Response headers

Server: openresty
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

GET
H/1.1 200
OK Cookie set fpx.php Show response
am15.net/x/ Frame 595B 3 KB
2 KB 117ms
104ms Document
text/html 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=520460621
Requested by: Host: am15.net
URL: http://am15.net/bn.php?s=32203&f=6&d=38106
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 5198a754fa5484ddf6d055b51d607852250e047b252985d3b02d67b7f2a3391a

Request headers

Host: am15.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://icode.advon.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://icode.advon.net/

Response headers

Server: openresty
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: *
Set-Cookie: a6d39=1; expires=Tue, 20-Jul-2021 03:03:50 GMT; Max-Age=1800; path=/; domain=.am15.net
Content-Encoding: gzip

GET
H/1.1 200
OK dsp Show response
am15.net/ssp/ Frame 8EE3 511 B
625 B 733ms
718ms Script
application/javascript 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/ssp/dsp?upst=j9ouyBm.sBbx2J_Ty7nn&site=32203&height=90&width=728&block=ambn38106&ref=http%3A%2F%2Ficode.advon.net%2F&title=&js=1&time=1626748429&ctype=undefined
Requested by: Host: am15.net
URL: http://am15.net/bn.php?s=32203&f=6&d=38106
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty /
Resource Hash: 03ad90c948081ff882074119561412ded04a2acd95c204f96acc0024f9d8e64e

Request headers

Referer: http://icode.advon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive

GET
H/1.1

200
OK

Cookie set cs Show response
farension.com/js/ Frame 06F9
Redirect Chain

https://farension.com/js/cs?uuid=09bf234b-16a2-46e5-8f6c-e972de7aa0ea
https://s.uuidksinc.net/match/433/09bf234b-16a2-46e5-8f6c-e972de7aa0ea?cb_url=https%3A%2F%2Ffarension.com%2Fjs%2Fcs%3Fuuid%3D09bf234b-16a2-46e5-8f6c-e972de7aa0ea%26oid%3D%5BUID%5D
https://farension.com/js/cs?uuid=09bf234b-16a2-46e5-8f6c-e972de7aa0ea&oid=2b5EIsTxCDXehfAEZ2oI

43 B
333 B

32ms
31ms

Document
image/gif

88.208.46.48
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://farension.com/js/cs?uuid=09bf234b-16a2-46e5-8f6c-e972de7aa0ea&oid=2b5EIsTxCDXehfAEZ2oI
Requested by: Host: farension.com
URL: https://farension.com/51807.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.48 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: farension.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.repetitor.ua/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: userid=09bf234b-16a2-46e5-8f6c-e972de7aa0ea; uuid=09bf234b-16a2-46e5-8f6c-e972de7aa0ea
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.repetitor.ua/

Response headers

Server: nginx
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: oid=2b5EIsTxCDXehfAEZ2oI; expires=Thu, 19-Aug-2021 05:33:50 GMT; Path=/; domain=.farension.com; SameSite=None; Secure

Redirect headers

server: nginx/1.19.0
date: Tue, 20 Jul 2021 02:33:50 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
set-cookie: jcsuuid=2b5EIsTxCDXehfAEZ2oI; Expires=Fri, 15 Jul 2022 05:33:50 GMT; Domain=uuidksinc.net; Path=/; SameSite=None; Secure
location: https://farension.com/js/cs?uuid=09bf234b-16a2-46e5-8f6c-e972de7aa0ea&oid=2b5EIsTxCDXehfAEZ2oI

GET
H/1.1

200
OK

rsc.php Show response
rbnt.org/ Frame 3579
Redirect Chain

http://t02.rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203
https://rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203
https://rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203&csc=1

20 B
521 B

33ms
33ms

Script
text/javascript

148.251.159.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203&csc=1

Requested by

Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=172818430

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

148.251.159.22 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.22.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

21b82e2818317d8154b0015d7a606c590429a8645c79d2f90922449c805a2fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 02:33:50 GMT
Server: nginx
Strict-Transport-Security: max-age=0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:50 GMT
Server: nginx
Strict-Transport-Security: max-age=0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: /rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203&csc=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

204

aotm.js Show response
sync.dmp.otm-r.com/match/ Frame 3579
Redirect Chain

http://sync.dmp.otm-r.com/match/aotm.js
https://sync.dmp.otm-r.com/match/aotm.js

0
69 B

103ms
33ms

Script
text/plain

195.201.57.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.dmp.otm-r.com/match/aotm.js
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=172818430
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.57.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.17.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 02:33:50 GMT
server: nginx/1.17.0

Redirect headers

Location: https://sync.dmp.otm-r.com/match/aotm.js
Date: Tue, 20 Jul 2021 02:33:50 GMT
Server: nginx/1.17.0
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

cm.gif
ad.mail.ru/ Frame 3579
Redirect Chain

http://x.instreamatic.com/v2/mark/787.gif
http://ad.mail.ru/cm.gif?p=66&id=be45edcd33e38011

43 B
627 B

89ms
47ms

Image
image/gif

2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ad.mail.ru/cm.gif?p=66&id=be45edcd33e38011
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=172818430
Protocol: HTTP/1.1
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:50 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Tue, 20 Jul 2021 08:33:50 GMT

Redirect headers

Location: http://ad.mail.ru/cm.gif?p=66&id=be45edcd33e38011
Date: Tue, 20 Jul 2021 02:33:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.14.0 (Ubuntu)
Connection: close
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H/1.1

200
OK

getcode.php Show response
ssp.c8.net.ua/
Redirect Chain

http://ssp.c8.net.ua/getcode.php?key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1733&domain=&rnd=195371397&pid=9&format_id=13&sw=1600&sh=1200&ctype=&cbw=&w=240&h=400&c8_sa=0;0;5&containe...
http://ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1733&domain=&rnd=195371397&pid=9&format_id=13&sw=1600&sh=1200&ctype=&cbw=&w=240&h=400&c8_sa=0;...

0
587 B

62ms
60ms

Script
text/html

89.184.66.167
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: http://ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1733&domain=&rnd=195371397&pid=9&format_id=13&sw=1600&sh=1200&ctype=&cbw=&w=240&h=400&c8_sa=0;0;5&container_id=c8net_code_f1733913&is=1&is_ssl=0&ref=&passback=&metric=&project_id=&location=http%3A//www.repetitor.ua/
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 89.184.66.167 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
Software: nginx/1.15.5 / PHP/5.5.38
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Encoding: gzip
X-Powered-By: PHP/5.5.38
X-node-root: ssp
Connection: keep-alive
Pragma: no-cache
Last-Modified: Tue, 20 Jul 2021 02:33:50 GMT
Server: nginx/1.15.5
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding: chunked
X-node-error: 1
Access-Control-Allow-Credentials: true
X-gw-server: _fcgi
Expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
X-request-stat: 1
X-Powered-By: PHP/5.5.38
X-node-root: ssp
Connection: keep-alive
Pragma: no-cache
Last-Modified: Tue, 20 Jul 2021 02:33:50 GMT
Server: nginx/1.15.5
Location: //ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1733&domain=&rnd=195371397&pid=9&format_id=13&sw=1600&sh=1200&ctype=&cbw=&w=240&h=400&c8_sa=0;0;5&container_id=c8net_code_f1733913&is=1&is_ssl=0&ref=&passback=&metric=&project_id=&location=http%3A//www.repetitor.ua/
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
X-gw-server: _fcgi
Expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200
OK

06.gif
i.bigmir.net/cnt/
Redirect Chain

http://c.bigmir.net/?v122928&s124528&t6&c1&n476265&w0&y0&d24&r1600
http://i.bigmir.net/cnt/06.gif

43 B
326 B

115ms
101ms

Image
image/gif

193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/06.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 43
Expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:50 GMT
Server: nginx
Transfer-Encoding: chunked
Location: //i.bigmir.net/cnt/06.gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H/1.1

200
OK

hit;education_stat
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;education_stat?r;s1600*1200*24;uhttp%3A//www.repetitor.ua/;0.5243360762644351
https://counter.yadro.ru/hit;education_stat?r;s1600*1200*24;uhttp%3A//www.repetitor.ua/;0.5243360762644351
https://counter.yadro.ru/hit;education_stat?q;r;s1600*1200*24;uhttp%3A//www.repetitor.ua/;0.5243360762644351

43 B
528 B

68ms
67ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;education_stat?q;r;s1600*1200*24;uhttp%3A//www.repetitor.ua/;0.5243360762644351

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:52 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 19 Jul 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:51 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;education_stat?q;r;s1600*1200*24;uhttp%3A//www.repetitor.ua/;0.5243360762644351
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 19 Jul 2020 21:00:00 GMT

GET
H/1.1 200
OK b60_top.gif
i.bigmir.net/cnt/samples/diagonal/ 65 B
388 B 115ms
95ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/samples/diagonal/b60_top.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 62809c09f78bcbcf1233cfcde966c640fd0ad54e1b5ef157dcac1897180f44d8

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Tue, 23 Jan 2007 13:14:28 GMT
Server: nginx
ETag: "45b60a34-41"
Content-Type: image/gif
Cache-Control: max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 65
Expires: Fri, 23 Jul 2021 02:33:50 GMT

GET
H/1.1 200
OK b60_center.gif
i.bigmir.net/cnt/samples/diagonal/ 79 B
402 B 123ms
102ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/samples/diagonal/b60_center.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 89d15e8d6c0a69d8914c2c2363200b5fc3033c509439795e5bbe144974038e81

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Tue, 23 Jan 2007 13:14:28 GMT
Server: nginx
ETag: "45b60a34-4f"
Content-Type: image/gif
Cache-Control: max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 79
Expires: Fri, 23 Jul 2021 02:33:50 GMT

GET
H/1.1 200
OK b60_bottom.gif
i.bigmir.net/cnt/samples/diagonal/ 66 B
389 B 117ms
97ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/samples/diagonal/b60_bottom.gif
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1101aeb68ba6cbf1f0592f3aec94fc2820012891b0543d3b5c54d0cb48324b36

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Tue, 23 Jan 2007 13:14:28 GMT
Server: nginx
ETag: "45b60a34-42"
Content-Type: image/gif
Cache-Control: max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 66
Expires: Fri, 23 Jul 2021 02:33:50 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 223 KB
71 KB 149ms
50ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: yastatic.net
URL: http://yastatic.net/share2/share.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:50 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 10:21:03 GMT
etag: "60ec4755-11a70"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 72304
expires: Tue, 20 Jul 2021 03:33:50 GMT

GET
DATA 200
OK truncated
/ 799 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 603 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 520 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 5 KB
2 KB 193ms
139ms Script
application/javascript 146.0.227.107
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=5945590768827347&cpv=f2517222-c4b3-b15d-96f1-ed40ab210bf2&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22de992d0e-ce8e-9f9f-b528-d34a7a3cae03%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fwww.repetitor.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229d4c8ea4-2623-4782-e44c-9abe7b19f972%22%2C%22tagid%22%3A%22e21e06b7-8504-4b52-be4d-9685822441f0%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_e21e06b785044b52be4d9685822441f0_zone_2140_sect_740_site_727%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rd=true

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/707d26dd5c625cf234ec.b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

58670ca692f4623765a6514fdfa1c5dc1503b230ef7d5f1636794bf202810727

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript
Keep-Alive: timeout=25
Content-Length: 1819
X-Xss-Protection: 0

GET
H/1.1

200
OK

rsc.php Show response
rbnt.org/ Frame 595B
Redirect Chain

http://t02.rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203
https://rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203
https://rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203&csc=1

20 B
521 B

31ms
30ms

Script
text/javascript

148.251.159.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203&csc=1

Requested by

Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=520460621

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

148.251.159.22 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.22.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

21b82e2818317d8154b0015d7a606c590429a8645c79d2f90922449c805a2fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 02:33:50 GMT
Server: nginx
Strict-Transport-Security: max-age=0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:50 GMT
Server: nginx
Strict-Transport-Security: max-age=0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: /rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203&csc=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

204

aotm.js Show response
sync.dmp.otm-r.com/match/ Frame 595B
Redirect Chain

http://sync.dmp.otm-r.com/match/aotm.js
https://sync.dmp.otm-r.com/match/aotm.js

0
68 B

69ms
34ms

Script
text/plain

195.201.57.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.dmp.otm-r.com/match/aotm.js
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=520460621
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.57.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.17.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 02:33:50 GMT
server: nginx/1.17.0

Redirect headers

Location: https://sync.dmp.otm-r.com/match/aotm.js
Date: Tue, 20 Jul 2021 02:33:50 GMT
Server: nginx/1.17.0
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

cm.gif
ad.mail.ru/ Frame 595B
Redirect Chain

http://x.instreamatic.com/v2/mark/787.gif
http://ad.mail.ru/cm.gif?p=66&id=07ea02599928dce7

43 B
627 B

74ms
44ms

Image
image/gif

2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ad.mail.ru/cm.gif?p=66&id=07ea02599928dce7
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=520460621
Protocol: HTTP/1.1
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:50 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Tue, 20 Jul 2021 08:33:50 GMT

Redirect headers

Location: http://ad.mail.ru/cm.gif?p=66&id=07ea02599928dce7
Date: Tue, 20 Jul 2021 02:33:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.14.0 (Ubuntu)
Connection: close
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET /
livestatisc.com/ads/ Frame 3579 0
0

GET
H/1.1 200
OK 556d807310823b694772f699.js Show response
static.weborama.io/ Frame 3579 9 KB
9 KB 324ms
59ms Script
application/javascript 207.154.204.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://static.weborama.io/556d807310823b694772f699.js
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=172818430
Protocol: HTTP/1.1
Server: 207.154.204.189 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.6.2 /
Resource Hash: d22f3bebb926a603525fe11e87bde207fc9d948a582c227be9405e3b05302d65

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:26:26 GMT
Last-Modified: Tue, 27 Dec 2016 15:33:29 GMT
Server: nginx/1.6.2
ETag: "586289c9-233b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9019

GET
H/1.1 200
OK smartPixel.min.js Show response
pixel.vihub.ru/smart/_pub/advmaker/dist/ Frame 3579 9 KB
9 KB 57ms
40ms Script
application/javascript 136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.vihub.ru/smart/_pub/advmaker/dist/smartPixel.min.js
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=172818430
Protocol: HTTP/1.1
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: a72f6e287ccbd8e44f5f415148688ca4cc0abddd57e0b14e62560eb7e3152397

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Wed, 26 Jul 2017 10:56:15 GMT
Server: nginx/1.12.2
ETag: "5978754f-232e"
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 9006

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
177 B 7187ms
41ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/306443839e6ad02abd2f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.repetitor.ua
date: Tue, 20 Jul 2021 02:33:57 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=349fc324-d100-52c9-a926-3c16c9d00a03

43 B
448 B

25ms
25ms

Image
image/gif

146.0.227.107
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=349fc324-d100-52c9-a926-3c16c9d00a03

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:57 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=349fc324-d100-52c9-a926-3c16c9d00a03
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc=
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEOKOM-TyR010P_L820ey-7U&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=530edb2619a143bb9a3d6b217bd7fa12

35 B
351 B

115ms
28ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=530edb2619a143bb9a3d6b217bd7fa12
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:52 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Tue, 20 Jul 2021 02:33:52 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=530edb2619a143bb9a3d6b217bd7fa12
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

29ms
29ms

Image
image/gif

185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:57 GMT, Tue, 20 Jul 2021 02:33:57 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Tue, 20 Jul 2021 02:33:57 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NmZmMzkyZmJiOGRlNGE0NWFjOGFhMjBhN2NiMjZkMTc=&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NmZmMzkyZmJiOGRlNGE0NWFjOGFhMjBhN2NiMjZkMTc=&google_cm=&google_tc=
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESECi6LQnveEA_9xsf1ke7bAM&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=8cebd6c5faec4c7b9166c1f3a06b48a5

35 B
351 B

117ms
28ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=8cebd6c5faec4c7b9166c1f3a06b48a5
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:52 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Tue, 20 Jul 2021 02:33:52 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=8cebd6c5faec4c7b9166c1f3a06b48a5
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-5669160290
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Ao3vbdEkdeu7GrxQ631R32A

43 B
448 B

26ms
25ms

Image
image/gif

146.0.227.107
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Ao3vbdEkdeu7GrxQ631R32A

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:53 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:53 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location: https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Ao3vbdEkdeu7GrxQ631R32A
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 2118ms
29ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=6ff392fbb8de4a45ac8aa20a7cb26d17
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:52 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H2 200 cm.php
ismatlab.com/cp/api/ 43 B
149 B 7228ms
55ms Image
image/gif 54.194.21.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ismatlab.com/cp/api/cm.php?t=6ff392fbb8de4a45ac8aa20a7cb26d17&rurl=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE74212A8-B685-43DE-96BE-5625F08BF373%26id%3D%5Baclid%5D45

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.21.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-21-127.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:57 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif

GET
H2

200

pic.gif
pa.tns-ua.com/bug/
Redirect Chain

https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=6ff392fbb8de4a45ac8aa20a7cb26d17
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z2AE5D3AEADD4A66AC075EA776172543&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=6ff392fbb8de4a45ac8aa20a7cb26d17

56 B
174 B

53ms
53ms

Image
image/gif

194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z2AE5D3AEADD4A66AC075EA776172543&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=6ff392fbb8de4a45ac8aa20a7cb26d17
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:51 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0
content-type: image/gif
expires: -1

Redirect headers

location: https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z2AE5D3AEADD4A66AC075EA776172543&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=6ff392fbb8de4a45ac8aa20a7cb26d17
date: Tue, 20 Jul 2021 02:33:51 GMT
cache-control: no-cache
server: nginx/1.18.0
content-length: 0
expires: -1

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=6ff392fbb8de4a45ac8aa20a7cb26d17&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=6ff392fbb8de4a45ac8aa20a7cb26d17&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a31b2efa-4465-436c-8e68-c37894249739&ssp=admixer
https://inv-nets.admixer.net/bs/cm.aspx?id=a09bd8e0-7fc0-42f0-bf23-f2dd5599e087&gdpr=&consent=&gdpr_pd=

43 B
448 B

25ms
24ms

Image
image/gif

146.0.227.107
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=a09bd8e0-7fc0-42f0-bf23-f2dd5599e087&gdpr=&consent=&gdpr_pd=

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: //inv-nets.admixer.net/bs/cm.aspx?id=a09bd8e0-7fc0-42f0-bf23-f2dd5599e087&gdpr=&consent=&gdpr_pd=
date: Tue, 20 Jul 2021 02:33:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET /
livestatisc.com/ads/ Frame 595B 0
0

GET
H/1.1 200
OK 556d807310823b694772f699.js Show response
static.weborama.io/ Frame 595B 9 KB
9 KB 336ms
36ms Script
application/javascript 207.154.204.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://static.weborama.io/556d807310823b694772f699.js
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=520460621
Protocol: HTTP/1.1
Server: 207.154.204.189 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.6.2 /
Resource Hash: d22f3bebb926a603525fe11e87bde207fc9d948a582c227be9405e3b05302d65

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:26:26 GMT
Last-Modified: Tue, 27 Dec 2016 15:33:29 GMT
Server: nginx/1.6.2
ETag: "586289c9-233b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9019

GET
H/1.1 200
OK smartPixel.min.js Show response
pixel.vihub.ru/smart/_pub/advmaker/dist/ Frame 595B 9 KB
9 KB 59ms
27ms Script
application/javascript 136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.vihub.ru/smart/_pub/advmaker/dist/smartPixel.min.js
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=520460621
Protocol: HTTP/1.1
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: a72f6e287ccbd8e44f5f415148688ca4cc0abddd57e0b14e62560eb7e3152397

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Wed, 26 Jul 2017 10:56:15 GMT
Server: nginx/1.12.2
ETag: "5978754f-232e"
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 9006

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9339.xv0ClRCf4Lj9wntzyv3blt01HHQ24_b8VJ4yGLm_VY3gzPXPst5O3n1iYqKU1AuW.uvgN-4ugJ_orM5Hc2J9H9sO_K3M%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9339.fgroTG61zmKauHKOzMBf-_m5ubC9L4aq6uQtBxgKQzwLfOFYPqr_AmyKitbUf9O8PUmdZp8OHwio5s8TwB_BeQ%2C%2C.fwqDHTW1i8Jyyq_lw1s06aWdXL4%2C

75 B
75 B

53ms
53ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9339.fgroTG61zmKauHKOzMBf-_m5ubC9L4aq6uQtBxgKQzwLfOFYPqr_AmyKitbUf9O8PUmdZp8OHwio5s8TwB_BeQ%2C%2C.fwqDHTW1i8Jyyq_lw1s06aWdXL4%2C

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:50 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9339.fgroTG61zmKauHKOzMBf-_m5ubC9L4aq6uQtBxgKQzwLfOFYPqr_AmyKitbUf9O8PUmdZp8OHwio5s8TwB_BeQ%2C%2C.fwqDHTW1i8Jyyq_lw1s06aWdXL4%2C
date: Tue, 20 Jul 2021 02:33:50 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 51ms
51ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:50 GMT
last-modified: Thu, 15 Jul 2021 10:21:03 GMT
etag: "60ec4755-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Jul 2021 03:33:50 GMT

GET
H/1.1 200
OK matchx.html Show response
uuidksinc.net/ Frame 4402 6 KB
2 KB 1088ms
38ms Document
text/html 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://uuidksinc.net/matchx.html
Requested by: Host: farension.com
URL: https://farension.com/51807.js
Protocol: HTTP/1.1
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: c531eb2baeaef34843e9785bc63435f6a7a73f5540dd244071b491f8efc0e803

Request headers

Host: uuidksinc.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.repetitor.ua/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.repetitor.ua/

Response headers

Server: nginx/1.19.0
Date: Tue, 20 Jul 2021 02:33:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Jul 2021 16:00:14 GMT
Vary: Accept-Encoding
ETag: W/"60f1ad0e-172a"
Expires: Tue, 20 Jul 2021 02:48:51 GMT
Cache-Control: max-age=900 public
Content-Encoding: gzip

GET
H/1.1 200
OK pixeljs Show response
dmp.vihub.ru/ Frame 3579 1 KB
1 KB 1040ms
53ms Script
application/javascript 136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dmp.vihub.ru/pixeljs?sa=17
Requested by: Host: pixel.vihub.ru
URL: http://pixel.vihub.ru/smart/_pub/advmaker/dist/smartPixel.min.js
Protocol: HTTP/1.1
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: fasthttp /
Resource Hash: 5f8cc0d1810bd2b6e063f8b147f0c61c07bcc54c78d36058f178d05bca935e69

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:51 GMT
Server: fasthttp
Connection: keep-alive
Content-Length: 1149
Content-Type: application/javascript

GET
H/1.1 200
OK pixeljs Show response
dmp.vihub.ru/ Frame 595B 1 KB
1 KB 1075ms
34ms Script
application/javascript 136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dmp.vihub.ru/pixeljs?sa=17
Requested by: Host: pixel.vihub.ru
URL: http://pixel.vihub.ru/smart/_pub/advmaker/dist/smartPixel.min.js
Protocol: HTTP/1.1
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: fasthttp /
Resource Hash: 1f142218357b320be1d8eda566cade1653ccb16cb0606d090bb54b8c0702ada5

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:51 GMT
Server: fasthttp
Connection: keep-alive
Content-Length: 1149
Content-Type: application/javascript

GET
H/1.1

200
OK

dispatch.fcgi Show response
wam.solution.weborama.fr/fcgi-bin/ Frame 3579
Redirect Chain

http://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_bbgf8g69m4nv21t
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_bbgf8g69m4nv21t
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=792002&d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_bbgf8g69m4nv21t

119 B
542 B

41ms
22ms

Script
application/json

195.54.48.26
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to

Full URL: https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=792002&d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_bbgf8g69m4nv21t
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=172818430
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.54.48.26 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS: aub-collect-lb-c03-02-vip.weborama.fr
Software: Apache /
Resource Hash: 0894d7332cb743fd777d11398f6e05b327478554a212e3fe747b653da12280c6

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:50 GMT
last-modified: Tue, 20 Jul 2021 02:33:50 GMT
server: Apache
transfer-encoding: chunked
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/json
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:50 GMT
last-modified: Tue, 20 Jul 2021 02:33:50 GMT
server: Apache
access-control-allow-origin: *
transfer-encoding: chunked
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=792002&d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_bbgf8g69m4nv21t
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200
OK

dispatch.fcgi Show response
wam.solution.weborama.fr/fcgi-bin/ Frame 595B
Redirect Chain

http://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_khlsfv3u4ok7yi4
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_khlsfv3u4ok7yi4
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=863784&d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_khlsfv3u4ok7yi4

119 B
542 B

43ms
19ms

Script
application/json

195.54.48.26
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to

Full URL: https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=863784&d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_khlsfv3u4ok7yi4
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=520460621
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.54.48.26 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS: aub-collect-lb-c03-02-vip.weborama.fr
Software: Apache /
Resource Hash: 7e3cad99f551463c23e5df37b6a58705acec49a32190b236d23cd3efc62184fe

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:51 GMT
last-modified: Tue, 20 Jul 2021 02:33:51 GMT
server: Apache
transfer-encoding: chunked
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/json
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:50 GMT
last-modified: Tue, 20 Jul 2021 02:33:50 GMT
server: Apache
access-control-allow-origin: *
transfer-encoding: chunked
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=863784&d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_khlsfv3u4ok7yi4
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK banner Show response
am15.net/ssp/ Frame 3CFC 639 B
625 B 54ms
54ms Document
text/html 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=02031df9-d032-4051-b8bc-5fee38aa20b4
Requested by: Host: am15.net
URL: http://am15.net/ssp/dsp?upst=j9ouyBm.sBbx2J_Ty7nn&site=32203&height=90&width=728&block=ambn38106&ref=http%3A%2F%2Ficode.advon.net%2F&title=&js=1&time=1626748429&ctype=undefined
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty /
Resource Hash: 19331a6a48d82bfdeea81df71594eddb4accc9a6a789df870722c9a9ddaf97d3

Request headers

Host: am15.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://icode.advon.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://icode.advon.net/

Response headers

Server: openresty
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H/1.1 200
OK banner Show response
am15.net/ssp/ Frame CD40 727 B
730 B 59ms
58ms Document
text/html 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=b6a56554-ddc8-4181-a7cd-eb8d7ee5e50d
Requested by: Host: am15.net
URL: http://am15.net/ssp/dsp?upst=j9ouyBm.sBbx2J_Ty7nn&site=32203&height=90&width=728&block=ambn38106&ref=http%3A%2F%2Ficode.advon.net%2F&title=&js=1&time=1626748429&ctype=undefined
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty /
Resource Hash: 96bee4ba9f9b6f96135c214b27e634328ab88b702579d7c5c710d2fe396b3788

Request headers

Host: am15.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://icode.advon.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://icode.advon.net/

Response headers

Server: openresty
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H/1.1 200
OK af2ea196da89c1b59e42f2d5af46d7b4.gif
b.am15.net/af/ Frame 3CFC 68 KB
68 KB 135ms
94ms Image
image/gif 95.216.240.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.am15.net/af/af2ea196da89c1b59e42f2d5af46d7b4.gif
Requested by: Host: am15.net
URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=02031df9-d032-4051-b8bc-5fee38aa20b4
Protocol: HTTP/1.1
Server: 95.216.240.254 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.240.216.95.clients.your-server.de
Software: openresty /
Resource Hash: 7c9d65d9cee2f5a9818ec99eda6c13fbe10677b2c65b7ddf21e2b06fbc96a62a

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Sat, 03 Apr 2021 03:42:07 GMT
Server: openresty
ETag: "6067e40f-10fd6"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69590

GET
H/1.1 200
OK ambn.png
b.am15.net/ Frame 3CFC 6 KB
6 KB 128ms
87ms Image
image/png 95.216.240.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.am15.net/ambn.png
Requested by: Host: am15.net
URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=02031df9-d032-4051-b8bc-5fee38aa20b4
Protocol: HTTP/1.1
Server: 95.216.240.254 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.240.216.95.clients.your-server.de
Software: openresty /
Resource Hash: f8ef0068a018e69ac5f56505d59a2fa3acf3916b0040fa3a28301b39daf6bc19

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Fri, 06 Sep 2013 09:15:37 GMT
Server: openresty
ETag: "52299d39-18fb"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6395

GET
H2

200

1 Show response
mc.yandex.com/watch/26812653/
Redirect Chain

https://mc.yandex.com/watch/26812653?wmode=7&page-url=http%3A%2F%2Fwww.repetitor.ua%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&browser-in...
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fwww.repetitor.ua%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&browser-...

316 B
398 B

53ms
53ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fwww.repetitor.ua%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A8030%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A556522861711%3Ahid%3A4223096%3Az%3A120%3Ai%3A20210720043350%3Aet%3A1626748430%3Ac%3A1%3Arn%3A52994990%3Au%3A16267484301052183163%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626748421661%3Ads%3A10%2C5%2C4426%2C90%2C3409%2C0%2C%2C519%2C34%2C%2C%2C%2C8372%3Adsn%3A9%2C6%2C4425%2C90%2C3408%2C0%2C%2C433%2C33%2C%2C%2C%2C8372%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1626748431%3At%3A%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

10df42b8890fb1a6b2c62440094e06e1b003d002b073d0c7bfa5e8581ff1cb05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 20-Jul-2021 02:33:50 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.repetitor.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 02:33:50 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:50 GMT
last-modified: Tue, 20-Jul-2021 02:33:50 GMT
location: /watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fwww.repetitor.ua%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A8030%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A556522861711%3Ahid%3A4223096%3Az%3A120%3Ai%3A20210720043350%3Aet%3A1626748430%3Ac%3A1%3Arn%3A52994990%3Au%3A16267484301052183163%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626748421661%3Ads%3A10%2C5%2C4426%2C90%2C3409%2C0%2C%2C519%2C34%2C%2C%2C%2C8372%3Adsn%3A9%2C6%2C4425%2C90%2C3408%2C0%2C%2C433%2C33%2C%2C%2C%2C8372%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1626748431%3At%3A%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B
strict-transport-security: max-age=31536000
access-control-allow-origin: http://www.repetitor.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 02:33:50 GMT

GET
H/1.1 200
OK bn1.php Show response
am15.net/ Frame CD40 552 B
914 B 59ms
58ms Script
text/javascript 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/bn1.php?k=tYXPI1tFcm242mkidRhmqavUJzKvGQJ4KENp0IyMmGbM8Y7LumO.85OIro_Tfp0EaFA_caDBckejU60oBYyuIQesZu5owRCVCyloZhB42-ISPsI.vAc6dkG6K2261p3_eJFZkEyc&cook=1&dt=05&fl=0&jq=&un=0&ref=http%3A%2F%2Ficode.advon.net%2F&upst=j9ouyBm.sBbx2J_Ty7nn&tt=
Requested by: Host: am15.net
URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=b6a56554-ddc8-4181-a7cd-eb8d7ee5e50d
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: fd73e53fbe9df707fb99640593c04859569d217d9c0179a06e8b7356b80a2753

Request headers

Referer: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=b6a56554-ddc8-4181-a7cd-eb8d7ee5e50d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 02:33:50 GMT
Server: openresty
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/javascript; charset=windows-1251
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ambn.png
b.am15.net/ Frame CD40 6 KB
6 KB 106ms
92ms Image
image/png 95.216.240.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.am15.net/ambn.png
Requested by: Host: am15.net
URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=b6a56554-ddc8-4181-a7cd-eb8d7ee5e50d
Protocol: HTTP/1.1
Server: 95.216.240.254 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.240.216.95.clients.your-server.de
Software: openresty /
Resource Hash: f8ef0068a018e69ac5f56505d59a2fa3acf3916b0040fa3a28301b39daf6bc19

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Fri, 06 Sep 2013 09:15:37 GMT
Server: openresty
ETag: "52299d39-18fb"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6395

GET
H/1.1 200
OK Cookie set bn2.php Show response
am15.net/ Frame E70B 660 B
1 KB 78ms
78ms Document
text/html 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/bn2.php?sw=1600&sh=1200&k=b1w107000709b40f13b9bd2b00247594f304728a2107200533&s=0&dpr=1&f=6
Requested by: Host: am15.net
URL: http://am15.net/bn1.php?k=tYXPI1tFcm242mkidRhmqavUJzKvGQJ4KENp0IyMmGbM8Y7LumO.85OIro_Tfp0EaFA_caDBckejU60oBYyuIQesZu5owRCVCyloZhB42-ISPsI.vAc6dkG6K2261p3_eJFZkEyc&cook=1&dt=05&fl=0&jq=&un=0&ref=http%3A%2F%2Ficode.advon.net%2F&upst=j9ouyBm.sBbx2J_Ty7nn&tt=
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 6a32dfe446e15f0d1d19f60c1c3128085d4cdd7e806d51559818760e4ccf74fa

Request headers

Host: am15.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=b6a56554-ddc8-4181-a7cd-eb8d7ee5e50d
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=b6a56554-ddc8-4181-a7cd-eb8d7ee5e50d

Response headers

Server: openresty
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
P3P: CP="HONK NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: amuidtrk=JrzNhozGSMHj9rHs2hYxyBI.1BSDNC_Fd7Fn; expires=Tue, 20-Jul-2021 23:59:59 GMT; Max-Age=77169; path=/; domain=.am15.net amuidtrk=JrzNhozGSMHj9rHh1BSDNC_Fd7Fn; expires=Tue, 20-Jul-2021 23:59:59 GMT; Max-Age=77169; path=/; domain=.am15.net ambn_v=y-Mz2BozNPbxNsgjFtbF; expires=Tue, 20-Jul-2021 02:48:50 GMT; Max-Age=900; path=/; domain=am15.net ambn_bv_6=y-IxyQMz2BozNPgj1sbxeFFn; expires=Tue, 20-Jul-2021 02:48:50 GMT; Max-Age=900; path=/; domain=am15.net
Content-Encoding: gzip

POST
H2 200 1 Show response
mc.yandex.com/watch/26812653/ 43 B
100 B 53ms
53ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?page-url=http%3A%2F%2Fwww.repetitor.ua%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A1%3Als%3A556522861711%3Ahid%3A4223096%3Az%3A120%3Ai%3A20210720043350%3Aet%3A1626748431%3Ac%3A1%3Arn%3A144478100%3Au%3A16267484301052183163%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1626748421661%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626748431

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:50 GMT
last-modified: Tue, 20-Jul-2021 02:33:50 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://www.repetitor.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 02:33:50 GMT

GET
H/1.1 200
OK af2ea196da89c1b59e42f2d5af46d7b4.gif
b.am15.net/af/ Frame E70B 68 KB
68 KB 54ms
53ms Image
image/gif 95.216.240.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.am15.net/af/af2ea196da89c1b59e42f2d5af46d7b4.gif
Requested by: Host: am15.net
URL: http://am15.net/bn2.php?sw=1600&sh=1200&k=b1w107000709b40f13b9bd2b00247594f304728a2107200533&s=0&dpr=1&f=6
Protocol: HTTP/1.1
Server: 95.216.240.254 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.240.216.95.clients.your-server.de
Software: openresty /
Resource Hash: 7c9d65d9cee2f5a9818ec99eda6c13fbe10677b2c65b7ddf21e2b06fbc96a62a

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Sat, 03 Apr 2021 03:42:07 GMT
Server: openresty
ETag: "6067e40f-10fd6"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69590

GET
H/1.1 200
OK ambn.png
b.am15.net/ Frame E70B 6 KB
6 KB 51ms
51ms Image
image/png 95.216.240.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.am15.net/ambn.png
Requested by: Host: am15.net
URL: http://am15.net/bn2.php?sw=1600&sh=1200&k=b1w107000709b40f13b9bd2b00247594f304728a2107200533&s=0&dpr=1&f=6
Protocol: HTTP/1.1
Server: 95.216.240.254 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.240.216.95.clients.your-server.de
Software: openresty /
Resource Hash: f8ef0068a018e69ac5f56505d59a2fa3acf3916b0040fa3a28301b39daf6bc19

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:50 GMT
Last-Modified: Fri, 06 Sep 2013 09:15:37 GMT
Server: openresty
ETag: "52299d39-18fb"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6395

GET
H/1.1 200
OK 220a3ab992256d1ee152.b.js Show response
cdn.admixer.net/scripts3/ 28 KB
12 KB 7ms
6ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/220a3ab992256d1ee152.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 63b18b5635fc1818da6712734fc0d500652a85fecf6dfe1b4cb3cee139e52899

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc36
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 08:09:33 GMT
Server: nginx
ETag: W/"60f13ebd-7029"
Vary: Accept-Encoding
X-Cached-Since: 2021-07-16T08:15:03+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Sun, 17 Jul 2022 08:15:03 GMT

GET
H/1.1 200
OK ede2c96e6a0d474ef44e.b.js Show response
cdn.admixer.net/scripts3/ 42 KB
19 KB 8ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/ede2c96e6a0d474ef44e.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b3883229115068714ffc63c82db6f810e84201317cb0385cc3b7c94b0c305554

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc33
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 08:09:46 GMT
Server: nginx
ETag: W/"60f13eca-a7af"
Vary: Accept-Encoding
X-Cached-Since: 2021-07-16T08:16:50+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Sun, 17 Jul 2022 08:16:50 GMT

GET
H/1.1 200
OK ef30fd68f07ce65f2dec.b.js Show response
cdn.admixer.net/scripts3/ 13 KB
5 KB 7ms
6ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/ef30fd68f07ce65f2dec.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 606fb015f87ba5bbcf783cd6fecf1ac351ede8dafa4767a43be8cf80f1634eb6

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc33
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 08:09:46 GMT
Server: nginx
ETag: W/"60f13eca-326c"
Vary: Accept-Encoding
X-Cached-Since: 2021-07-16T08:14:59+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Sun, 17 Jul 2022 08:14:59 GMT

GET
H/1.1 200
OK c9b3c2772742a8f4dab8.b.js Show response
cdn.admixer.net/scripts3/ 11 KB
4 KB 7ms
6ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/c9b3c2772742a8f4dab8.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b5f1343b46d0b18e78ae7bfb6ec5cfd0195a35a07f74da58d0612e06b1c429c2

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc36
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 08:09:44 GMT
Server: nginx
ETag: W/"60f13ec8-2a79"
Vary: Accept-Encoding
X-Cached-Since: 2021-07-16T08:15:05+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Sun, 17 Jul 2022 08:15:05 GMT

GET
H/1.1 200
OK 552a836c33406742fae5.b.js Show response
cdn.admixer.net/scripts3/ 213 KB
74 KB 8ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/552a836c33406742fae5.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: aa26e4172d5712b53abedee51d303b6b6a9e6181c1f08364329aa99868fea78e

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc36
Date: Tue, 20 Jul 2021 02:33:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 08:09:37 GMT
Server: nginx
ETag: W/"60f13ec1-35553"
Vary: Accept-Encoding
X-Cached-Since: 2021-07-16T08:15:03+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Sun, 17 Jul 2022 08:15:03 GMT

GET
H/1.1

200
OK

240x350.js Show response
infoworks.ru/ Frame 2885
Redirect Chain

http://ad.advon.info/240x350.js
http://infoworks.ru/240x350.js

192 B
981 B

75ms
18ms

Script
application/javascript

2606:4700:3036::6815:2875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://infoworks.ru/240x350.js
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 2606:4700:3036::6815:2875 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f12360878fc00708d91522749da55b430d5ee2eed1d930c0a6d41b4997115cc8

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3035
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified: Thu, 01 Aug 2019 09:56:29 GMT
Server: cloudflare
ETag: W/"5d42b74d-c0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFNb3QfTCE9HWzQSwCFUwV%2BU5Gag0fHF9B8PlO%2FmdyaG8N%2BwNSA8dOyOuxpgxBo0tNRMACrdx7%2Bwwbbnlk%2BA9bIlo%2BUVXh%2B29PUOBGb3nHDaYqNAf2Er5mduw%2BQxRs4hMoc0AjcrQbJ7Jec%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 6718c97edefc4aa9-FRA

Redirect headers

Date: Tue, 20 Jul 2021 02:33:51 GMT
CF-Cache-Status: EXPIRED
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dckc2gvJZJL9rWNm82%2FrG%2FIQWw98YOeTBx9HRvXafB0OYOUu1%2FXK6ixh5qIrHXV0lbsFrUDpKeEEMcKMkbhzVIcZaZ1NVlfJZ0hdRpETgk%2Fhq7MqnNEPB%2FCALbJ%2FeR6ZU1KPwZX0St9BTUk8"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: http://infoworks.ru/240x350.js
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6718c97e0d1e05f5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Expires: Tue, 20 Jul 2021 02:33:49 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 90ms
88ms Image
image/gif 146.0.227.107
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=FR%2FIDF%2F75%2F2988507&am-uid=6ff392fbb8de4a45ac8aa20a7cb26d17&cet=4&zone=E21E06B7-8504-4B52-BE4D-9685822441F0&rule=9E1E0ABC-8789-4721-83BD-1C0F636DA52B&requestId=bcf339cb-2d1b-4021-bd08-0a890a9ea028&hp=-1465892250&page=www.repetitor.ua%2F&pvid=af2ee14c-41f1-489d-a37f-87f16d0ab736&inst=ADS-EU-3&ts=637623452301350949&sf=0

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:51 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 200
OK rab_google_250.htm Show response
infoworks.ru/ Frame 6C82 112 B
830 B 76ms
76ms Document
text/html 2606:4700:3036::6815:2875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://infoworks.ru/rab_google_250.htm
Requested by: Host: ad.advon.info
URL: http://ad.advon.info/240x350.js
Protocol: HTTP/1.1
Server: 2606:4700:3036::6815:2875 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 805b3d00141a5790cce889a3e098dd3e88e90ee166d03f969ad16364ba289c04

Request headers

Host: infoworks.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.repetitor.ua/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.repetitor.ua/

Response headers

Date: Tue, 20 Jul 2021 02:33:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Aug 2019 09:56:26 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuXckIfCtoVoTKriTOwHYBXOdvk87YhCn4urx4XA8rk4WHjyHHcYiTb8ns6HEh%2FBmyw4r7fv3SzJp2W3g9mLsSze49I5bJY%2FqGvnCHBDV3OvF4MFH4GYbn8GwcA%2B2UmIU3veGquP99mRwgY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6718c97f0f204aa9-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK bn.php Show response
am15.net/ Frame 6C82 5 KB
3 KB 60ms
59ms Script
text/javascript 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/bn.php?s=32203&f=2&d=26702
Requested by: Host: infoworks.ru
URL: http://infoworks.ru/rab_google_250.htm
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 570b0da22818a962fc876bff188f0f467dda5084fbef57e771abda77c75a2bda

Request headers

Referer: http://infoworks.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 02:33:51 GMT
Server: openresty
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/javascript; charset=windows-1251
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK uid.php Show response
am15.net/x/ Frame 6AD3 2 KB
1 KB 58ms
58ms Document
text/html 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/x/uid.php?rand=42930306&uid=0EZU6FE
Requested by: Host: am15.net
URL: http://am15.net/bn.php?s=32203&f=2&d=26702
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 7617ad202c74effddd97bba1ed1873a551fbd20d7c2a41f564e8ddc592fe4128

Request headers

Host: am15.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://infoworks.ru/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://infoworks.ru/

Response headers

Server: openresty
Date: Tue, 20 Jul 2021 02:33:51 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:51 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

GET
H/1.1 200
OK Cookie set fpx.php Show response
am15.net/x/ Frame CEFD 3 KB
2 KB 55ms
54ms Document
text/html 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=513105121
Requested by: Host: am15.net
URL: http://am15.net/bn.php?s=32203&f=2&d=26702
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 5198a754fa5484ddf6d055b51d607852250e047b252985d3b02d67b7f2a3391a

Request headers

Host: am15.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://infoworks.ru/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://infoworks.ru/

Response headers

Server: openresty
Date: Tue, 20 Jul 2021 02:33:51 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:51 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: *
Set-Cookie: a6d39=1; expires=Tue, 20-Jul-2021 03:03:51 GMT; Max-Age=1800; path=/; domain=.am15.net
Content-Encoding: gzip

GET
H/1.1 200
OK dsp Show response
am15.net/ssp/ Frame 6C82 512 B
627 B 685ms
685ms Script
application/javascript 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/ssp/dsp?upst=j9ouyBm.sBbx2J_Ty7nn&site=32203&height=400&width=240&block=ambn26702&ref=http%3A%2F%2Finfoworks.ru%2F&title=&js=1&time=1626748431&ctype=undefined
Requested by: Host: am15.net
URL: http://am15.net/bn.php?s=32203&f=2&d=26702
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty /
Resource Hash: 1e94b8ab986d3402e89a73db5ee9a977b340fadcdffe4300df2c0bb844830e30

Request headers

Referer: http://infoworks.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:52 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive

GET
H/1.1

200
OK

rsc.php Show response
rbnt.org/ Frame CEFD
Redirect Chain

http://t02.rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203
https://rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203

20 B
521 B

29ms
28ms

Script
text/javascript

148.251.159.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203

Requested by

Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=513105121

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

148.251.159.22 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.22.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

21b82e2818317d8154b0015d7a606c590429a8645c79d2f90922449c805a2fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 02:33:51 GMT
Server: nginx
Strict-Transport-Security: max-age=0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://rbnt.org/rsc.php?mode=bu&pkey=670606e8072355e8cda6fb0c9d28ca58&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=32203
Date: Tue, 20 Jul 2021 02:33:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Strict-Transport-Security: max-age=0
Content-Type: text/html

GET
H2

204

aotm.js Show response
sync.dmp.otm-r.com/match/ Frame CEFD
Redirect Chain

http://sync.dmp.otm-r.com/match/aotm.js
https://sync.dmp.otm-r.com/match/aotm.js

0
68 B

34ms
33ms

Script
text/plain

195.201.57.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.dmp.otm-r.com/match/aotm.js
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=513105121
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.57.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.17.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 02:33:51 GMT
server: nginx/1.17.0

Redirect headers

Location: https://sync.dmp.otm-r.com/match/aotm.js
Date: Tue, 20 Jul 2021 02:33:51 GMT
Server: nginx/1.17.0
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

cm.gif
ad.mail.ru/ Frame CEFD
Redirect Chain

http://x.instreamatic.com/v2/mark/787.gif
http://ad.mail.ru/cm.gif?p=66&id=49289a4e4503f6ba

43 B
627 B

45ms
44ms

Image
image/gif

2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ad.mail.ru/cm.gif?p=66&id=49289a4e4503f6ba
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=513105121
Protocol: HTTP/1.1
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:52 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:52 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Tue, 20 Jul 2021 08:33:52 GMT

Redirect headers

Location: http://ad.mail.ru/cm.gif?p=66&id=49289a4e4503f6ba
Date: Tue, 20 Jul 2021 02:33:52 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.14.0 (Ubuntu)
Connection: close
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET /
livestatisc.com/ads/ Frame CEFD 0
0

GET
H/1.1 200
OK 556d807310823b694772f699.js Show response
static.weborama.io/ Frame CEFD 9 KB
9 KB 37ms
37ms Script
application/javascript 207.154.204.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://static.weborama.io/556d807310823b694772f699.js
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=513105121
Protocol: HTTP/1.1
Server: 207.154.204.189 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.6.2 /
Resource Hash: d22f3bebb926a603525fe11e87bde207fc9d948a582c227be9405e3b05302d65

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:26:26 GMT
Last-Modified: Tue, 27 Dec 2016 15:33:29 GMT
Server: nginx/1.6.2
ETag: "586289c9-233b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9019

GET
H/1.1 200
OK smartPixel.min.js Show response
pixel.vihub.ru/smart/_pub/advmaker/dist/ Frame CEFD 9 KB
9 KB 28ms
27ms Script
application/javascript 136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.vihub.ru/smart/_pub/advmaker/dist/smartPixel.min.js
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=513105121
Protocol: HTTP/1.1
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: a72f6e287ccbd8e44f5f415148688ca4cc0abddd57e0b14e62560eb7e3152397

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:51 GMT
Last-Modified: Wed, 26 Jul 2017 10:56:15 GMT
Server: nginx/1.12.2
ETag: "5978754f-232e"
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 9006

GET
H/1.1 200
OK pixeljs Show response
dmp.vihub.ru/ Frame CEFD 1 KB
1 KB 137ms
34ms Script
application/javascript 136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dmp.vihub.ru/pixeljs?sa=17
Requested by: Host: pixel.vihub.ru
URL: http://pixel.vihub.ru/smart/_pub/advmaker/dist/smartPixel.min.js
Protocol: HTTP/1.1
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: fasthttp /
Resource Hash: e376b4b3a5e3dad27bc3154608dbf24b99047afaa553ec9d9090f6ecb7368cc9

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:51 GMT
Server: fasthttp
Connection: keep-alive
Content-Length: 1149
Content-Type: application/javascript

GET
H/1.1

200
OK

dispatch.fcgi Show response
wam.solution.weborama.fr/fcgi-bin/ Frame CEFD
Redirect Chain

http://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_rq6rtewf6v96p40
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_rq6rtewf6v96p40

119 B
542 B

22ms
22ms

Script
application/json

195.54.48.26
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to

Full URL: https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_rq6rtewf6v96p40
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=513105121
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.54.48.26 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS: aub-collect-lb-c03-02-vip.weborama.fr
Software: Apache /
Resource Hash: a14cf5a4ba1fd7df7d80f0c23bd3f5a16b8ca50d27d2c82a838c24d3f790096e

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:51 GMT
last-modified: Tue, 20 Jul 2021 02:33:51 GMT
server: Apache
transfer-encoding: chunked
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/json
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_rq6rtewf6v96p40
content-length: 0

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 3579
Redirect Chain

http://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=ffa09f72-6c7f-49f1-944e-d423cb6a05ce
https://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=ffa09f72-6c7f-49f1-944e-d423cb6a05ce
https://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=ffa09f72-6c7f-49f1-944e-d423cb6a05ce&cs=1
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm=&google_tc=
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEGUWksgd-EKP3KbmvtnCMnM&google_gid=CAESEGUWksgd-EKP3KbmvtnCMnM&google_cver=1
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEGUWksgd-EKP3KbmvtnCMnM&google_gid=CAESEGUWksgd-EKP3KbmvtnCMnM&google_cver=1&cs=1

35 B
475 B

34ms
33ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEGUWksgd-EKP3KbmvtnCMnM&google_gid=CAESEGUWksgd-EKP3KbmvtnCMnM&google_cver=1&cs=1
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=172818430
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:52 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEGUWksgd-EKP3KbmvtnCMnM&google_gid=CAESEGUWksgd-EKP3KbmvtnCMnM&google_cver=1&cs=1
date: Tue, 20 Jul 2021 02:33:52 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

match
dmp.vihub.ru/ Frame 3579
Redirect Chain

http://x01.aidata.io/0.gif?pid=VIHUB&id=ffa09f72-6c7f-49f1-944e-d423cb6a05ce
http://x01.aidata.io/0.gif?pid=VIHUB&id=ffa09f72-6c7f-49f1-944e-d423cb6a05ce&bounce=1
http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=

35 B
297 B

34ms
34ms

Image
image/gif

136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=172818430
Protocol: HTTP/1.1
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: fasthttp /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:54 GMT
Server: fasthttp
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:54 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:53 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 0
Expires: Tue, 20 Jul 2021 02:33:53 GMT

GET
H/1.1 200
OK ssp
sync.videonow.ru/ Frame 3579 35 B
673 B 1133ms
104ms Image
image/gif 212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sync.videonow.ru/ssp?dsp=16&uuid=ffa09f72-6c7f-49f1-944e-d423cb6a05ce
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=172818430
Protocol: HTTP/1.1
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:52 GMT
Server: nginx
X-Conn-Req: 1
Vary: Origin
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
X-Conn-Id: 3931440
Content-Length: 35

GET
H2

200

match
dmp.vihub.ru/ Frame 3579
Redirect Chain

http://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=ffa09f72-6c7f-49f1-944e-d423cb6a05ce
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=ffa09f72-6c7f-49f1-944e-d423cb6a05ce
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=ffa09f72-6c7f-49f1-944e-d423cb6a05ce&tuid=-6378782629
https://dmp.vihub.ru/match?sysid=adr&redir=no&uid=AOHOoxA6kuWQ4G4csuAbV5Q

35 B
192 B

360ms
35ms

Image
image/gif

136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.vihub.ru/match?sysid=adr&redir=no&uid=AOHOoxA6kuWQ4G4csuAbV5Q
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=172818430
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: fasthttp /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:53 GMT
server: fasthttp
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:53 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location: //dmp.vihub.ru/match?sysid=adr&redir=no&uid=AOHOoxA6kuWQ4G4csuAbV5Q
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
dmp.vihub.ru/ Frame 595B
Redirect Chain

http://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=aef54244-44e6-4888-9ce6-86fe5843e282
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=aef54244-44e6-4888-9ce6-86fe5843e282
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=aef54244-44e6-4888-9ce6-86fe5843e282&tuid=-6151796416
https://dmp.vihub.ru/match?sysid=adr&redir=no&uid=ABx9sGSkX6R72rAHUPReo1A

35 B
193 B

360ms
36ms

Image
image/gif

136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.vihub.ru/match?sysid=adr&redir=no&uid=ABx9sGSkX6R72rAHUPReo1A
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=520460621
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: fasthttp /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:53 GMT
server: fasthttp
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:53 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location: //dmp.vihub.ru/match?sysid=adr&redir=no&uid=ABx9sGSkX6R72rAHUPReo1A
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 595B
Redirect Chain

http://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=aef54244-44e6-4888-9ce6-86fe5843e282
https://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=aef54244-44e6-4888-9ce6-86fe5843e282
https://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=aef54244-44e6-4888-9ce6-86fe5843e282&cs=1
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm=&google_tc=
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEMYFPh3IJ3JHNxOmSHr3LWI&google_gid=CAESEMYFPh3IJ3JHNxOmSHr3LWI&google_cver=1
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEMYFPh3IJ3JHNxOmSHr3LWI&google_gid=CAESEMYFPh3IJ3JHNxOmSHr3LWI&google_cver=1&cs=1

35 B
475 B

34ms
34ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEMYFPh3IJ3JHNxOmSHr3LWI&google_gid=CAESEMYFPh3IJ3JHNxOmSHr3LWI&google_cver=1&cs=1
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=520460621
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:52 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEMYFPh3IJ3JHNxOmSHr3LWI&google_gid=CAESEMYFPh3IJ3JHNxOmSHr3LWI&google_cver=1&cs=1
date: Tue, 20 Jul 2021 02:33:52 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

match
dmp.vihub.ru/ Frame 595B
Redirect Chain

http://x01.aidata.io/0.gif?pid=VIHUB&id=aef54244-44e6-4888-9ce6-86fe5843e282
http://x01.aidata.io/0.gif?pid=VIHUB&id=aef54244-44e6-4888-9ce6-86fe5843e282&bounce=1
http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=

35 B
297 B

34ms
34ms

Image
image/gif

136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=520460621
Protocol: HTTP/1.1
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: fasthttp /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:54 GMT
Server: fasthttp
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:54 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:53 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 0
Expires: Tue, 20 Jul 2021 02:33:53 GMT

GET
H/1.1 200
OK ssp
sync.videonow.ru/ Frame 595B 35 B
673 B 1160ms
61ms Image
image/gif 212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sync.videonow.ru/ssp?dsp=16&uuid=aef54244-44e6-4888-9ce6-86fe5843e282
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=520460621
Protocol: HTTP/1.1
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:52 GMT
Server: nginx
X-Conn-Req: 1
Vary: Origin
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
X-Conn-Id: 3931489
Content-Length: 35

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame CEFD
Redirect Chain

http://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=86e5b168-a2b5-4316-ad75-646237084f99
https://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=86e5b168-a2b5-4316-ad75-646237084f99
https://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=86e5b168-a2b5-4316-ad75-646237084f99&cs=1
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm=&google_tc=
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEEpnlpziHUOagp57AvojPH8&google_gid=CAESEEpnlpziHUOagp57AvojPH8&google_cver=1
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEEpnlpziHUOagp57AvojPH8&google_gid=CAESEEpnlpziHUOagp57AvojPH8&google_cver=1&cs=1

35 B
475 B

33ms
33ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEEpnlpziHUOagp57AvojPH8&google_gid=CAESEEpnlpziHUOagp57AvojPH8&google_cver=1&cs=1
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=513105121
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:52 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEEpnlpziHUOagp57AvojPH8&google_gid=CAESEEpnlpziHUOagp57AvojPH8&google_cver=1&cs=1
date: Tue, 20 Jul 2021 02:33:52 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

match
dmp.vihub.ru/ Frame CEFD
Redirect Chain

http://x01.aidata.io/0.gif?pid=VIHUB&id=86e5b168-a2b5-4316-ad75-646237084f99
http://x01.aidata.io/0.gif?pid=VIHUB&id=86e5b168-a2b5-4316-ad75-646237084f99&bounce=1
http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=

35 B
297 B

34ms
33ms

Image
image/gif

136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=513105121
Protocol: HTTP/1.1
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: fasthttp /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:54 GMT
Server: fasthttp
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:54 GMT
Last-Modified: Tue, 20 Jul 2021 02:33:53 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 0
Expires: Tue, 20 Jul 2021 02:33:53 GMT

GET
H/1.1 200
OK ssp
sync.videonow.ru/ Frame CEFD 35 B
673 B 1192ms
66ms Image
image/gif 212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sync.videonow.ru/ssp?dsp=16&uuid=86e5b168-a2b5-4316-ad75-646237084f99
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=513105121
Protocol: HTTP/1.1
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:52 GMT
Server: nginx
X-Conn-Req: 1
Vary: Origin
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
X-Conn-Id: 3931539
Content-Length: 35

GET
H2

200

match
dmp.vihub.ru/ Frame CEFD
Redirect Chain

http://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=86e5b168-a2b5-4316-ad75-646237084f99
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=86e5b168-a2b5-4316-ad75-646237084f99
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=86e5b168-a2b5-4316-ad75-646237084f99&tuid=-5857214049
https://dmp.vihub.ru/match?sysid=adr&redir=no&uid=AeiAgunP5E4PO1pnQOB38iw

35 B
192 B

290ms
36ms

Image
image/gif

136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.vihub.ru/match?sysid=adr&redir=no&uid=AeiAgunP5E4PO1pnQOB38iw
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbx2J_Ty7nn&s=32203&t=bn&rand=513105121
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: fasthttp /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:53 GMT
server: fasthttp
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:53 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location: //dmp.vihub.ru/match?sysid=adr&redir=no&uid=AeiAgunP5E4PO1pnQOB38iw
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK banner Show response
am15.net/ssp/ Frame EB73 584 B
588 B 59ms
59ms Document
text/html 95.216.224.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=93cd9bcf-69b0-4029-84f5-f7bbfbc6470a
Requested by: Host: am15.net
URL: http://am15.net/ssp/dsp?upst=j9ouyBm.sBbx2J_Ty7nn&site=32203&height=400&width=240&block=ambn26702&ref=http%3A%2F%2Finfoworks.ru%2F&title=&js=1&time=1626748431&ctype=undefined
Protocol: HTTP/1.1
Server: 95.216.224.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.224.216.95.clients.your-server.de
Software: openresty /
Resource Hash: 904cf213353c7ed66093dba1a68e4d8bb0fa1693b048c02bde50402993c24f91

Request headers

Host: am15.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://infoworks.ru/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://infoworks.ru/

Response headers

Server: openresty
Date: Tue, 20 Jul 2021 02:33:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H2 200 click.net.1089776.js Show response
jsc.adskeeper.com/c/l/ Frame EB73 276 KB
76 KB 1063ms
27ms Script
text/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/c/l/click.net.1089776.js
Requested by: Host: am15.net
URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=93cd9bcf-69b0-4029-84f5-f7bbfbc6470a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 939268e29c0c010230166f0cfe2421d82e71d7830d5c68679a465addc33dcb33

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3916
cf-ray: 6718c98b29a83afb-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77029
x-amz-id-2: FQ2o1OXftte39JbGdnmRiD/AVrZrTKZyAcyxUc3L9fLnGc2pSJEGL4SB4p8X34xp3xN/b0XLfl4=
last-modified: Tue, 13 Jul 2021 11:43:43 GMT
server: cloudflare
etag: "5d57eb82730e7a7bcba8d73393460396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: GZJTSJPEAVS9EP6X
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 20 Jul 2021 06:33:53 GMT

GET
H/1.1 200
OK ambn.png
b.am15.net/ Frame EB73 6 KB
6 KB 54ms
53ms Image
image/png 95.216.240.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.am15.net/ambn.png
Requested by: Host: am15.net
URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=93cd9bcf-69b0-4029-84f5-f7bbfbc6470a
Protocol: HTTP/1.1
Server: 95.216.240.254 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.240.216.95.clients.your-server.de
Software: openresty /
Resource Hash: f8ef0068a018e69ac5f56505d59a2fa3acf3916b0040fa3a28301b39daf6bc19

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:52 GMT
Last-Modified: Fri, 06 Sep 2013 09:15:37 GMT
Server: openresty
ETag: "52299d39-18fb"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6395

GET
H/1.1 204
No Content matchframe.php Show response
match.c8.net.ua/ 0
1 KB 126ms
94ms Script
text/html 89.184.66.89
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: http://match.c8.net.ua/matchframe.php
Requested by: Host: b.c8.net.ua
URL: https://b.c8.net.ua/b/js/sys.js
Protocol: HTTP/1.1
Server: 89.184.66.89 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
Software: nginx/1.15.5 / PHP/5.5.38
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:52 GMT
X-request-stat: 1
Server: nginx/1.15.5
X-Powered-By: PHP/5.5.38
X-node-root: match
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Content-Length: 0
X-gw-server: _fcgi

GET
H/1.1 200
OK gcr.php Show response
r.c8.net.ua/ 617 B
491 B 147ms
99ms Script
text/javascript 212.1.66.234
UKRPACK

General

Check archive.org

Show headers Download Go to

Full URL: http://r.c8.net.ua/gcr.php
Requested by: Host: b.c8.net.ua
URL: https://b.c8.net.ua/b/js/sys.js
Protocol: HTTP/1.1
Server: 212.1.66.234 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
Software: nginx / PHP/5.4.11
Resource Hash: ee591a2c0f344044e1231b8770d551afe41cbe4c6819fa0360a233235093ff42

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:37:19 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.11
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H/1.1 200
OK cmeter_an.js Show response
source.mmi.bemobile.ua/cm/ 10 KB
4 KB 115ms
94ms Script
application/javascript 194.247.175.38
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://source.mmi.bemobile.ua/cm/cmeter_an.js
Requested by: Host: r.c8.net.ua
URL: http://r.c8.net.ua/gcr.php
Protocol: HTTP/1.1
Server: 194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Nov 2019 07:55:53 GMT
Server: nginx/1.13.0
ETag: W/"5dc27c89-2699"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Expires: Thu, 07 Nov 2019 07:55:53 GMT

GET
H2 200 / Show response
c.adskeeper.com/pv/ Frame EB73 0
285 B 83ms
79ms Script
text/plain 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.com/pv/?pv=5&cbuster=1626748433237116812992&uniqId=17e5f&niet=4g&nisd=false&iframe=2&ref=http%3A%2F%2Finfoworks.ru%2F&cxurl=http%3A%2F%2Finfoworks.ru%2F&pr=infoworks.ru&lu=http%3A%2F%2Fam15.net%2Fssp%2Fbanner%3Fupst%3Dj9ouyBm.sBbx2J_Ty7nn%26bid%3D93cd9bcf-69b0-4029-84f5-f7bbfbc6470a&pageView=1&pvid=17ac1c33356a3985be7&site=400586&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/c/l/click.net.1089776.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6718c98bc9f63afb-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame EB73 4 KB
2 KB 57ms
22ms Image
image/svg+xml 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: am15.net
URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=93cd9bcf-69b0-4029-84f5-f7bbfbc6470a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 5548
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: TDFPK96NXRT58XZ2
x-amz-id-2: wTo3X/MdxfmF73uhKCe6wR8X+ODEzfsnVtAfm+WhdxF2jei+cvIsb6mLldSiP66koaRPX+KiyDw=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6718c98c0c3d0863-CDG
expires: Tue, 20 Jul 2021 06:33:53 GMT

GET
DATA 200
OK truncated
/ Frame EB73 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b22b5a44b3373ac1ed29b2e86f926daa8044dda24dcaf7e274d67c1e89aec41

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK cm.js Show response
source.mmi.bemobile.ua/cm/ 52 KB
20 KB 56ms
55ms Script
application/javascript 194.247.175.38
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://source.mmi.bemobile.ua/cm/cm.js
Requested by: Host: source.mmi.bemobile.ua
URL: http://source.mmi.bemobile.ua/cm/cmeter_an.js
Protocol: HTTP/1.1
Server: 194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Nov 2019 07:55:53 GMT
Server: nginx/1.13.0
ETag: W/"5dc27c89-d0f6"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Expires: Thu, 07 Nov 2019 07:55:53 GMT

GET
H2 200 14 Show response
servicer.adskeeper.com/1089776/ Frame EB73 2 KB
1 KB 77ms
76ms Script
application/x-javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1089776/14?pv=5&cbuster=1626748433295488705632&uniqId=17e5f&niet=4g&nisd=false&w=240&h=343&cols=1&iframe=2&ref=http%3A%2F%2Finfoworks.ru%2F&cxurl=http%3A%2F%2Finfoworks.ru%2F&pr=infoworks.ru&lu=http%3A%2F%2Fam15.net%2Fssp%2Fbanner%3Fupst%3Dj9ouyBm.sBbx2J_Ty7nn%26bid%3D93cd9bcf-69b0-4029-84f5-f7bbfbc6470a&pageView=1&pvid=17ac1c33356a3985be7&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/c/l/click.net.1089776.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 949c83c45088a9792d9c745d19b6c3f47fd6a5184c9cf892609188d3627f96d4

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6718c98c2a103afb-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 i.js Show response
cm.adskeeper.com/ Frame EB73 19 B
127 B 120ms
119ms Script
application/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?&cbuster=1626748433380501534271
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/c/l/click.net.1089776.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:53 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: be1ec65c-3d71-4071-b08f-5f19f7915f64
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6718c98caa473afb-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame 6224 19 B
150 B 115ms
115ms Script
application/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1626748433384316380344
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/c/l/click.net.1089776.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:53 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 38228aae-927e-4459-8f30-9952d3804453
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6718c98caa4a3afb-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDktMTQvMTAxOTI0LzY2MTg4NzY0MDYxZTNlNGMwZDM0YWIxYzQ3YTRjMDBlLnBuZz90PTE1MzY5NDAyMjYyNjc.webp
s-img.adskeeper.com/g/8193506/200x200/88x0x401x401/ Frame EB73 6 KB
6 KB 33ms
31ms Image
image/webp 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8193506/200x200/88x0x401x401/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDktMTQvMTAxOTI0LzY2MTg4NzY0MDYxZTNlNGMwZDM0YWIxYzQ3YTRjMDBlLnBuZz90PTE1MzY5NDAyMjYyNjc.webp?v=1626748433-bvpRvSb3OC3nH36kb4PjhEUBnKRWM64n6ZGi3dKP4-8
Requested by: Host: am15.net
URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=93cd9bcf-69b0-4029-84f5-f7bbfbc6470a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82843b213485aee305c0346091e4a320f48d740f6083129b953e9fb01b283686

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:22:55 GMT
x-mg-request-uuid: 4d62a8af-916b-43d1-8a68-537d57058d74
age: 5758439
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6718c98cba4c3afb-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5890
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.adskeeper.com/g/8164912/200x200/181x0x744x744/ Frame EB73 5 KB
6 KB 23ms
21ms Image
image/webp 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164912/200x200/181x0x744x744/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1626748433-UG58jAbWxgJoDFSmgTtgLiAeH8dbC10XVXNELoul1dU
Requested by: Host: am15.net
URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbx2J_Ty7nn&bid=93cd9bcf-69b0-4029-84f5-f7bbfbc6470a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 865590fb8d7b1eb551958b9f0288f1ccb4b572662af5c90bcebef6729cc9beb8

Request headers

Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 12:21:04 GMT
x-mg-request-uuid: 3e3e598c-bc68-4aa2-a765-93a4525554b1
age: 5758899
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6718c98cba4b3afb-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5588
server: cloudflare

GET get_cookie
pa.tns-ua.com/bug/ 0
0

GET
H/1.1 200
OK external_all.html Show response
cstatic.weborama.fr/iframe/ Frame 52E1 7 KB
2 KB 65ms
49ms Document
text/html 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cstatic.weborama.fr/iframe/external_all.html
Requested by: Host: static.weborama.io
URL: http://static.weborama.io/556d807310823b694772f699.js
Protocol: HTTP/1.1
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C14) /
Resource Hash: 9d47457c64a0c0be7995db5bcb4f45c811da28c71dec36ad68b7f3a3041d1e04

Request headers

Host: cstatic.weborama.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://am15.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://am15.net/

Response headers

Content-Encoding: gzip
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 349070
Cache-Control: max-age=604800
Content-Type: text/html
Date: Tue, 20 Jul 2021 02:33:54 GMT
Etag: "1468613129"
Expires: Tue, 27 Jul 2021 02:33:54 GMT
Last-Modified: Thu, 10 Jun 2021 09:51:38 GMT
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
Server: ECAcc (mil/6C14)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 1840

GET
H/1.1 200
OK external_all.html Show response
cstatic.weborama.fr/iframe/ Frame 233B 7 KB
2 KB 45ms
32ms Document
text/html 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cstatic.weborama.fr/iframe/external_all.html
Requested by: Host: static.weborama.io
URL: http://static.weborama.io/556d807310823b694772f699.js
Protocol: HTTP/1.1
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C14) /
Resource Hash: 9d47457c64a0c0be7995db5bcb4f45c811da28c71dec36ad68b7f3a3041d1e04

Request headers

Host: cstatic.weborama.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://am15.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://am15.net/

Response headers

Content-Encoding: gzip
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 349070
Cache-Control: max-age=604800
Content-Type: text/html
Date: Tue, 20 Jul 2021 02:33:54 GMT
Etag: "1468613129"
Expires: Tue, 27 Jul 2021 02:33:54 GMT
Last-Modified: Thu, 10 Jun 2021 09:51:38 GMT
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
Server: ECAcc (mil/6C14)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 1840

GET
H/1.1 200
OK external_all.html Show response
cstatic.weborama.fr/iframe/ Frame 913D 7 KB
2 KB 63ms
49ms Document
text/html 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cstatic.weborama.fr/iframe/external_all.html
Requested by: Host: static.weborama.io
URL: http://static.weborama.io/556d807310823b694772f699.js
Protocol: HTTP/1.1
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C14) /
Resource Hash: 9d47457c64a0c0be7995db5bcb4f45c811da28c71dec36ad68b7f3a3041d1e04

Request headers

Host: cstatic.weborama.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://am15.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://am15.net/

Response headers

Content-Encoding: gzip
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 349070
Cache-Control: max-age=604800
Content-Type: text/html
Date: Tue, 20 Jul 2021 02:33:54 GMT
Etag: "1468613129"
Expires: Tue, 27 Jul 2021 02:33:54 GMT
Last-Modified: Thu, 10 Jun 2021 09:51:38 GMT
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
Server: ECAcc (mil/6C14)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 1840

GET
H/1.1 200
OK external_libs.v2.js Show response
cstatic.weborama.fr/iframe/ Frame 52E1 8 KB
3 KB 61ms
32ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_all.html
Protocol: HTTP/1.1
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C9F) /
Resource Hash: 0ba6e4af0093468bf4e865f0c53c7fbc5f1c09dd1de4343bb9024ed7ed8b2ed9

Request headers

Referer: http://cstatic.weborama.fr/iframe/external_all.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Jun 2021 09:51:26 GMT
Server: ECAcc (mil/6C9F)
Age: 90350
Etag: "1034007597"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 2878
Expires: Tue, 27 Jul 2021 02:33:54 GMT

GET
H/1.1 200
OK external_libs.v2.js Show response
cstatic.weborama.fr/iframe/ Frame 233B 8 KB
3 KB 58ms
32ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_all.html
Protocol: HTTP/1.1
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C9F) /
Resource Hash: 0ba6e4af0093468bf4e865f0c53c7fbc5f1c09dd1de4343bb9024ed7ed8b2ed9

Request headers

Referer: http://cstatic.weborama.fr/iframe/external_all.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Jun 2021 09:51:26 GMT
Server: ECAcc (mil/6C9F)
Age: 90350
Etag: "1034007597"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 2878
Expires: Tue, 27 Jul 2021 02:33:54 GMT

GET
H/1.1 200
OK external_libs.v2.js Show response
cstatic.weborama.fr/iframe/ Frame 913D 8 KB
3 KB 32ms
31ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_all.html
Protocol: HTTP/1.1
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C9F) /
Resource Hash: 0ba6e4af0093468bf4e865f0c53c7fbc5f1c09dd1de4343bb9024ed7ed8b2ed9

Request headers

Referer: http://cstatic.weborama.fr/iframe/external_all.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Jun 2021 09:51:26 GMT
Server: ECAcc (mil/6C9F)
Age: 90350
Etag: "1034007597"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 2878
Expires: Tue, 27 Jul 2021 02:33:54 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 25ms
23ms Image
text/plain 146.0.227.107
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=FR%2FIDF%2F75%2F2988507&am-uid=6ff392fbb8de4a45ac8aa20a7cb26d17&zone=E21E06B7-8504-4B52-BE4D-9685822441F0&device=28&rule=DBF11306-CD1E-4F84-BB6A-B7F69A5716A9&requestId=bcf339cb-2d1b-4021-bd08-0a890a9ea028&hp=-1465892250&page=www.repetitor.ua%2F&ts=637623452301350949&ap=MA%3D%3D&asign=1593514171&sync=3%2C45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=C8B58504-318B-428E-B3E2-916B9D27C81F&inst=ADS-EU-3&pxl=0&pvid=af2ee14c-41f1-489d-a37f-87f16d0ab736&ip=82.102.18.114&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Jul 2021 02:33:57 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 25ms
24ms Image
text/plain 146.0.227.107
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.repetitor.ua
URL: http://www.repetitor.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Jul 2021 02:33:57 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK drop-shadow.png
www.repetitor.ua/themes/default/images/highslide/outlines/ 2 KB
3 KB 11ms
10ms Image
image/png 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/themes/default/images/highslide/outlines/drop-shadow.png
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e5b23d855ab38d3c982e95d49894d4febd754baf5072d2049979254ad9663219

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:57 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 592
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 2091
Last-Modified: Wed, 13 Apr 2011 21:54:06 GMT
Server: cloudflare
ETag: "ffc1504f25facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsFrWHj0vCVHaO9OpYveZdV3V8sFmoaP4Jpwr%2Fw6CBTt0BicFaS6FvGXno1Qda9uJFLI8f84yqy3npjU4VNYTVYPSb4yAYu4wKdFYoCo%2B5OuqZf11kKEAUo%2BsMRb6mTBL8aQaq86ZnYWZhO5Z8PP"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c9a69de12c19-FRA

GET
H/1.1 200
OK zoomout.cur
www.repetitor.ua/themes/default/images/highslide/ 326 B
1 KB 77ms
76ms Image
application/octet-stream 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/themes/default/images/highslide/zoomout.cur
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 110a21ee3616bfa86b492bb237eeb946ee4a643d7bb77a7fd2b131311f5ccf72

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:57 GMT
CF-Cache-Status: DYNAMIC
Last-Modified: Wed, 13 Apr 2011 21:54:04 GMT
Server: cloudflare
X-Powered-By: ASP.NET
ETag: "a1ea4a4e25facb1:0"
NEL: {"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GHFlbLm%2BPt8YhM690lUUfiSd5R1Lbpl%2Bv3kHmFVzcaCedYlotoqpkONm0HeRFsJNpxQBC2qcD7o1RUyT6iUUT%2BKfQewLf%2BxfN5gk5BleIlmheFEYj%2BcR%2BfdLFdZZ7pTTPgqmfw669H0eIdSPQQI"}],"group":"cf-nel","max_age":604800}
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6718c9a69e434e3e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 326

GET
H/1.1 200
OK drop-shadow.png
www.repetitor.ua/themes/default/images/highslide/outlines/ 2 KB
3 KB 14ms
14ms Image
image/png 2606:4700:3037::6815:60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.repetitor.ua/themes/default/images/highslide/outlines/drop-shadow.png
Requested by: Host: www.repetitor.ua
URL: http://www.repetitor.ua/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e5b23d855ab38d3c982e95d49894d4febd754baf5072d2049979254ad9663219

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.repetitor.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.repetitor.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:57 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 592
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 2091
Last-Modified: Wed, 13 Apr 2011 21:54:06 GMT
Server: cloudflare
ETag: "ffc1504f25facb1:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FvBOGiQt7rZiS2IKyuLMxP4hC%2BObPbY2XHesKFQfHj6L%2BV5iVyJNdQyXABWdxzpxeG1vmdfv0yB9HElWGN%2FQaCMQjs2VPCYN3xpSqSPHn53hIRm3J8zY%2FTEpxWWFwgZtrS9cQIP2en3lax7vlil"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6718c9a6bdf82c19-FRA

GET
H2

200

sync Show response
ds.frontend.weborama.fr/ Frame 52E1
Redirect Chain

https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync
https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync&bounce=1&random=3956012523

2 KB
2 KB

20ms
20ms

Script
application/javascript

34.117.231.160
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync&bounce=1&random=3956012523
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.231.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.231.117.34.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: b9579bf1656c555dbc4fadcb8a7a9db809494faae930ab554cb55bfeef7d2c2d

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/javascript; charset=utf-8
alt-svc: clear
content-length: 1886
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
location: https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync&bounce=1&random=3956012523
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

sync Show response
ds.frontend.weborama.fr/ Frame 233B
Redirect Chain

https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync
https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync&bounce=1&random=1069426459

2 KB
2 KB

21ms
20ms

Script
application/javascript

34.117.231.160
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync&bounce=1&random=1069426459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.231.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.231.117.34.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: 946c31a9d04eb52faf443da904c76db9e897719e24861739097fa90e56ded106

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/javascript; charset=utf-8
alt-svc: clear
content-length: 1886
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
location: https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync&bounce=1&random=1069426459
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

sync Show response
ds.frontend.weborama.fr/ Frame 913D
Redirect Chain

https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync
https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync&bounce=1&random=1343826483

2 KB
2 KB

21ms
21ms

Script
application/javascript

34.117.231.160
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync&bounce=1&random=1343826483
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.231.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.231.117.34.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: 723c7584af2e74197390bb4f62cc9dd33bbeafbb67ad38d72ab8b38b6867a8be

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/javascript; charset=utf-8
alt-svc: clear
content-length: 1886
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
location: https://ds.frontend.weborama.fr/sync?key=all&callback=Utils.handleDataSync&bounce=1&random=1343826483
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK dispatch.fcgi Show response
aimfar.solution.weborama.fr/fcgi-bin/ Frame 93E8 41 B
519 B 69ms
19ms Document
text/html 195.54.48.25
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to

Full URL: https://aimfar.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prx&g.r=8580314995633092863
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.54.48.25 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS
Software: Apache /
Resource Hash: f752c9d78517ca9e04bd89d00ad15e914800aad0f8471c18b9114c620b74463b

Request headers

Host: aimfar.solution.weborama.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://cstatic.weborama.fr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: AFFICHE_W=Cdyj9Y28x3MJ82
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://cstatic.weborama.fr/

Response headers

date: Tue, 20 Jul 2021 02:33:59 GMT
server: Apache
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
transfer-encoding: chunked
content-type: text/html

GET
H2

200

/ Show response
loadus.exelator.com/load/ Frame 4BC7
Redirect Chain

https://loadus.exelator.com/load/?p=204&g=1020&j=w
https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1

205 B
999 B

34ms
34ms

Document
text/html

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: a8291ca035f123bf8678f227d6eaee31a94c5ad4f94aa36b2e25535d4554e68a

Request headers

:method: GET
:authority: loadus.exelator.com
:scheme: https
:path: /load/?p=204&g=1020&j=w&xl8blockcheck=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://cstatic.weborama.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EE="dc82ccc859defd15107dbe666a755b3f"; ud="eJxrXxzq6XKLQSEl2cIoOTnZwtQyJTUtxdDU0MA8JSnVzMws0dzUNMk4bXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9kVvQ4qKUNMZFJcWngvcmPAIAfaYoQA%253D%253D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://cstatic.weborama.fr/

Response headers

server: nginx
date: Tue, 20 Jul 2021 02:33:59 GMT
content-type: text/html;charset=UTF-8
cache-control: no-cache
x-powered-by: Undertow/1
set-cookie: EE="dc82ccc859defd15107dbe666a755b3f"; Domain=.exelator.com; Path=/; Max-Age=10368000; Expires=Wed, 17-Nov-2021 02:33:59 GMT; SameSite=None; Secure; ud="eJxrXxzq6XKLQSEl2cIoOTnZwtQyJTUtxdDU0MA8JSnVzMws0dzUNMk4bXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yMJySX5RZvoit6DFRSlpDItKik8F7014BAC4LCsW"; Domain=.exelator.com; Path=/; Max-Age=10368000; Expires=Wed, 17-Nov-2021 02:33:59 GMT; SameSite=None; Secure;
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-credentials: true

Redirect headers

server: nginx
date: Tue, 20 Jul 2021 02:33:59 GMT
content-type: image/gif
content-length: 0
cache-control: no-cache
x-powered-by: Undertow/1
set-cookie: EE="34094a280389055418a6a518398d6f63"; Domain=.exelator.com; Path=/; Max-Age=10368000; Expires=Wed, 17-Nov-2021 02:33:59 GMT; SameSite=None; Secure; ud="eJxrXxzq6XKLQcHYxMDSJNHIwsDYwtLA1NTE0CLRLNHU0MLY0iLFLM3MeHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9kVvQ4qKUNMZFJcWngvcmPAIA4XsmYg%253D%253D"; Domain=.exelator.com; Path=/; Max-Age=10368000; Expires=Wed, 17-Nov-2021 02:33:59 GMT; SameSite=None; Secure;
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
access-control-allow-credentials: true

GET
H2 200 cj Show response
ds.frontend.weborama.fr/ Frame 233B 361 B
429 B 26ms
20ms Script
application/javascript 34.117.231.160
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.frontend.weborama.fr/cj?key=graphinium
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.231.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.231.117.34.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: bb7a30bf278d620602ce6b4b069a792ab06a712b9935bd08c2da51bfc3ceb95f

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/javascript; charset=utf-8
alt-svc: clear
content-length: 361
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 233B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm
https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEOHU8meRzunG-380jklZgEc&google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1

0
67 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEOHU8meRzunG-380jklZgEc&google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:34:00 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:34:00 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEOHU8meRzunG-380jklZgEc&google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1
date: Tue, 20 Jul 2021 02:34:00 GMT
server: Apache
content-length: 354
content-type: text/html; charset=iso-8859-1

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 233B
Redirect Chain

https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus_id%26value%3D%24UID
https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=4420247395321800422

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=4420247395321800422
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:59 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0aa1d161-17a7-4cdc-81f6-d3806040f6ed
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=4420247395321800422
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 233B
Redirect Chain

https://rtd-tm.everesttech.net/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul_id%26value%3D%24%7BUSER_ID%7D
https://rtd-tm.everesttech.net/ct/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul_id%26value%3D%24%7BUSER_ID%7D&_test=YPY2FwAAPahdBwAQ
https://idsync.frontend.weborama.fr/ids?key=tubemogul_id&value=YPY2FwAAPahdBwAQ

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=tubemogul_id&value=YPY2FwAAPahdBwAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1626748440.736904,VS0,VE92
x-served-by: cache-fra19155-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://idsync.frontend.weborama.fr/ids?key=tubemogul_id&value=YPY2FwAAPahdBwAQ
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 233B
Redirect Chain

https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2_id%26value%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2_id%26value%3D%40USERID%40
https://idsync.frontend.weborama.fr/ids?key=criteov2_id&value=XtFbyv4rD7K3CJnvuqPIKrvqDUy0_RIj

0
44 B

54ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=criteov2_id&value=XtFbyv4rD7K3CJnvuqPIKrvqDUy0_RIj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=criteov2_id&value=XtFbyv4rD7K3CJnvuqPIKrvqDUy0_RIj
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3785
date: Tue, 20 Jul 2021 02:33:59 GMT
content-length: 215
content-type: text/html; charset=utf-8

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 233B
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10014&redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dmediamath_id%26value%3D%5BMM_UUID%5D
https://idsync.frontend.weborama.fr/ids?key=mediamath_id&value=a22360f6-3617-4f00-8c28-0b8cc2d1040a

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=mediamath_id&value=a22360f6-3617-4f00-8c28-0b8cc2d1040a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Date: Tue, 20 Jul 2021 02:33:59 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://idsync.frontend.weborama.fr/ids?key=mediamath_id&value=a22360f6-3617-4f00-8c28-0b8cc2d1040a
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Tue, 20 Jul 2021 02:36:17 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 233B
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D&cklb=1

0
75 B

124ms
124ms

Image
text/plain

199.187.193.166
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D&cklb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:59 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D&cklb=1
pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 401736.gif
idsync.rlcdn.com/ Frame 233B 42 B
178 B 62ms
21ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/401736.gif?partner_uid=XYrPZ7Dd1BXHpUJKIjfFZ.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2

204

collect
dx.frontend.weborama.com/ Frame 233B
Redirect Chain

https://dx.frontend.weborama.com/collect?dsp_id=0&eid=qzH0uZXGiEer
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=qzH0uZXGiEer&bounce=1&random=3062129958

0
123 B

22ms
20ms

Image
text/plain

35.201.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=qzH0uZXGiEer&bounce=1&random=3062129958
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
location: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=qzH0uZXGiEer&bounce=1&random=3062129958
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 233B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=4n2tpwc&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=4n2tpwc&ttd_tpi=1
https://idsync.frontend.weborama.fr/ids?key=thetradedesk_id&value=035868b8-0000-4d06-98b8-762b705aaf1e

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=thetradedesk_id&value=035868b8-0000-4d06-98b8-762b705aaf1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://idsync.frontend.weborama.fr/ids?key=thetradedesk_id&value=035868b8-0000-4d06-98b8-762b705aaf1e
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 235

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 233B
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=qzH0uZXGiEer
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=qzH0uZXGiEer

95 B
425 B

22ms
20ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=qzH0uZXGiEer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=qzH0uZXGiEer
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 233B
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=WEBMA&gdpr=false
https://wam-yahoo.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=tp&d.k=yahoo_id&d.v=y-J1dLNwxE2oeX.CTYzFa5xZTy4hTzRdQDdDg-~A
https://idsync.frontend.weborama.fr/ids?key=yahoo_id&value=y-J1dLNwxE2oeX.CTYzFa5xZTy4hTzRdQDdDg-~A

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=yahoo_id&value=y-J1dLNwxE2oeX.CTYzFa5xZTy4hTzRdQDdDg-~A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:34:02 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:34:02 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=yahoo_id&value=y-J1dLNwxE2oeX.CTYzFa5xZTy4hTzRdQDdDg-~A
date: Tue, 20 Jul 2021 02:34:02 GMT
server: Apache
content-length: 287
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK sync-uid.php
sync-uid.leadplace.fr/ Frame 233B 35 B
418 B 1258ms
40ms Image
image/gif 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-uid.leadplace.fr/sync-uid.php?part=weborama&id=XYrPZ7Dd1BXHpUJKIjfFZ.
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 52661272:E6F6_91EFC0A6:01BB_60F63618_20E996CB:BE9A
X-IPLB-Instance: 30195
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1

200
OK

match
p.crm4d.com/sync/weborama/ Frame 233B
Redirect Chain

https://p.crm4d.com/emt/sync/weborama?uid=XYrPZ7Dd1BXHpUJKIjfFZ.
https://p.crm4d.com/sync/weborama/match?uid=XYrPZ7Dd1BXHpUJKIjfFZ.

42 B
545 B

127ms
33ms

Image
image/gif

51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.crm4d.com/sync/weborama/match?uid=XYrPZ7Dd1BXHpUJKIjfFZ.
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Location: /sync/weborama/match?uid=XYrPZ7Dd1BXHpUJKIjfFZ.
Date: Tue, 20 Jul 2021 02:33:59 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

GET
H/1.1

200

p
a.audrte.com/ Frame 233B
Redirect Chain

https://a.audrte.com/match?p=1468142154&uid=XYrPZ7Dd1BXHpUJKIjfFZ.
https://a.audrte.com/p

68 B
791 B

94ms
93ms

Image
image/png

54.205.106.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.106.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:01 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK /
b1sync.zemanta.com/usersync/weborama/ Frame 233B 26 B
127 B 567ms
92ms Image
image/gif 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/weborama/?webouuid=XYrPZ7Dd1BXHpUJKIjfFZ.
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Content-Length: 26
Content-Type: image/gif

GET
H2 200 match
c1.adform.net/serving/cookie/ Frame 233B 35 B
377 B 1123ms
38ms Image
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=1145&cid=XYrPZ7Dd1BXHpUJKIjfFZ.

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:34:00 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 233B
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=WFlyUFo3RGQxQlhIcFVKS0lqZkZaLg
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=WFlyUFo3RGQxQlhIcFVKS0lqZkZaLg&dcc=t

43 B
720 B

300ms
200ms

Image
image/gif

52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=WFlyUFo3RGQxQlhIcFVKS0lqZkZaLg&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:34:00 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:34:00 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=WFlyUFo3RGQxQlhIcFVKS0lqZkZaLg&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 52E1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm
https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEOHU8meRzunG-380jklZgEc&google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEOHU8meRzunG-380jklZgEc&google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:34:00 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:34:00 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEOHU8meRzunG-380jklZgEc&google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1
date: Tue, 20 Jul 2021 02:34:00 GMT
server: Apache
content-length: 354
content-type: text/html; charset=iso-8859-1

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 52E1
Redirect Chain

https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus_id%26value%3D%24UID
https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=1352431169615688835

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=1352431169615688835
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:59 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5b818071-18c8-42b3-8b13-983fa5f15a43
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=1352431169615688835
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 52E1
Redirect Chain

https://rtd-tm.everesttech.net/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul_id%26value%3D%24%7BUSER_ID%7D
https://rtd-tm.everesttech.net/ct/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul_id%26value%3D%24%7BUSER_ID%7D&_test=YPY2FwAAPaldBgAQ
https://idsync.frontend.weborama.fr/ids?key=tubemogul_id&value=YPY2FwAAPaldBgAQ

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=tubemogul_id&value=YPY2FwAAPaldBgAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1626748440.733514,VS0,VE89
x-served-by: cache-fra19155-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://idsync.frontend.weborama.fr/ids?key=tubemogul_id&value=YPY2FwAAPaldBgAQ
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 52E1
Redirect Chain

https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2_id%26value%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2_id%26value%3D%40USERID%40
https://idsync.frontend.weborama.fr/ids?key=criteov2_id&value=7Jd1nVp85kg3XamPT9WjGtdh2FjHZmqc

0
44 B

54ms
19ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=criteov2_id&value=7Jd1nVp85kg3XamPT9WjGtdh2FjHZmqc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=criteov2_id&value=7Jd1nVp85kg3XamPT9WjGtdh2FjHZmqc
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3818
date: Tue, 20 Jul 2021 02:33:59 GMT
content-length: 215
content-type: text/html; charset=utf-8

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 52E1
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10014&redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dmediamath_id%26value%3D%5BMM_UUID%5D
https://idsync.frontend.weborama.fr/ids?key=mediamath_id&value=cb6f60f6-3617-4300-b003-2bba481c7751

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=mediamath_id&value=cb6f60f6-3617-4300-b003-2bba481c7751
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Date: Tue, 20 Jul 2021 02:33:59 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://idsync.frontend.weborama.fr/ids?key=mediamath_id&value=cb6f60f6-3617-4300-b003-2bba481c7751
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Tue, 20 Jul 2021 02:36:17 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 52E1
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D&cklb=1

0
75 B

255ms
255ms

Image
text/plain

199.187.193.166
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D&cklb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:59 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D&cklb=1
pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 52E1
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=4n2tpwc&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=4n2tpwc&ttd_tpi=1
https://idsync.frontend.weborama.fr/ids?key=thetradedesk_id&value=035868b8-0000-4d06-98b8-762b705aaf1e

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=thetradedesk_id&value=035868b8-0000-4d06-98b8-762b705aaf1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://idsync.frontend.weborama.fr/ids?key=thetradedesk_id&value=035868b8-0000-4d06-98b8-762b705aaf1e
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 235

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 52E1
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=WEBMA&gdpr=false
https://wam-yahoo.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=tp&d.k=yahoo_id&d.v=y-ijD0g6BE2odB5e2vLyTiaiUlYD3DIvXOXKQ-~A
https://idsync.frontend.weborama.fr/ids?key=yahoo_id&value=y-ijD0g6BE2odB5e2vLyTiaiUlYD3DIvXOXKQ-~A

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=yahoo_id&value=y-ijD0g6BE2odB5e2vLyTiaiUlYD3DIvXOXKQ-~A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:34:02 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:34:02 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=yahoo_id&value=y-ijD0g6BE2odB5e2vLyTiaiUlYD3DIvXOXKQ-~A
date: Tue, 20 Jul 2021 02:34:02 GMT
server: Apache
content-length: 287
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK dispatch.fcgi Show response
aimfar.solution.weborama.fr/fcgi-bin/ Frame 283F 41 B
524 B 81ms
22ms Document
text/html 195.54.48.25
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to

Full URL: https://aimfar.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prx&g.r=9823039533234320190
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.54.48.25 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS
Software: Apache /
Resource Hash: f752c9d78517ca9e04bd89d00ad15e914800aad0f8471c18b9114c620b74463b

Request headers

Host: aimfar.solution.weborama.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://cstatic.weborama.fr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: AFFICHE_W=Cdyj9Y28x3MJ82
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://cstatic.weborama.fr/

Response headers

date: Tue, 20 Jul 2021 02:33:59 GMT
server: Apache
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
transfer-encoding: chunked
content-type: text/html

GET
H2

200

/ Show response
loadus.exelator.com/load/ Frame 4247
Redirect Chain

https://loadus.exelator.com/load/?p=204&g=1020&j=w
https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1

205 B
999 B

34ms
34ms

Document
text/html

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: a8291ca035f123bf8678f227d6eaee31a94c5ad4f94aa36b2e25535d4554e68a

Request headers

:method: GET
:authority: loadus.exelator.com
:scheme: https
:path: /load/?p=204&g=1020&j=w&xl8blockcheck=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://cstatic.weborama.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EE="dc82ccc859defd15107dbe666a755b3f"; ud="eJxrXxzq6XKLQSEl2cIoOTnZwtQyJTUtxdDU0MA8JSnVzMws0dzUNMk4bXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9kVvQ4qKUNMZFJcWngvcmPAIAfaYoQA%253D%253D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://cstatic.weborama.fr/

Response headers

server: nginx
date: Tue, 20 Jul 2021 02:33:59 GMT
content-type: text/html;charset=UTF-8
cache-control: no-cache
x-powered-by: Undertow/1
set-cookie: EE="dc82ccc859defd15107dbe666a755b3f"; Domain=.exelator.com; Path=/; Max-Age=10368000; Expires=Wed, 17-Nov-2021 02:33:59 GMT; SameSite=None; Secure; ud="eJxrXxzq6XKLQSEl2cIoOTnZwtQyJTUtxdDU0MA8JSnVzMws0dzUNMk4bXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yMJySX5RZvoit6DFRSlpDItKik8F7014BAC4LCsW"; Domain=.exelator.com; Path=/; Max-Age=10368000; Expires=Wed, 17-Nov-2021 02:33:59 GMT; SameSite=None; Secure;
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-credentials: true

Redirect headers

server: nginx
date: Tue, 20 Jul 2021 02:33:59 GMT
content-type: image/gif
content-length: 0
cache-control: no-cache
x-powered-by: Undertow/1
set-cookie: EE="009522fcd1829e9c3131b51943e2742e"; Domain=.exelator.com; Path=/; Max-Age=10368000; Expires=Wed, 17-Nov-2021 02:33:59 GMT; SameSite=None; Secure; ud="eJxrXxzq6XKLQcHAwNLUyCgtOcXQwsgy1TLZ2NDYMMnU0NLEONXI3MQodXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9kVvQ4qKUNMZFJcWngvcmPAIADPEm4g%253D%253D"; Domain=.exelator.com; Path=/; Max-Age=10368000; Expires=Wed, 17-Nov-2021 02:33:59 GMT; SameSite=None; Secure;
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
access-control-allow-credentials: true

GET
H2 200 cj Show response
ds.frontend.weborama.fr/ Frame 52E1 360 B
428 B 21ms
19ms Script
application/javascript 34.117.231.160
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.frontend.weborama.fr/cj?key=graphinium
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.231.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.231.117.34.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: 10a14d1c491dcc1c6b5a2b6a76bd1ddb0ae3abb3a6086a0312acd48647fca8bd

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/javascript; charset=utf-8
alt-svc: clear
content-length: 360
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 401736.gif
idsync.rlcdn.com/ Frame 52E1 42 B
417 B 52ms
20ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/401736.gif?partner_uid=MLI/6VVvp8gq4CrRMBZOF.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2

204

collect
dx.frontend.weborama.com/ Frame 52E1
Redirect Chain

https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Cdyj9Y28x3MJ
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Cdyj9Y28x3MJ&bounce=1&random=3995430291

0
123 B

22ms
20ms

Image
text/plain

35.201.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Cdyj9Y28x3MJ&bounce=1&random=3995430291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
location: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Cdyj9Y28x3MJ&bounce=1&random=3995430291
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 52E1
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=Cdyj9Y28x3MJ
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=Cdyj9Y28x3MJ

95 B
414 B

22ms
21ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=Cdyj9Y28x3MJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=Cdyj9Y28x3MJ
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1 200
OK sync-uid.php
sync-uid.leadplace.fr/ Frame 52E1 35 B
418 B 1176ms
44ms Image
image/gif 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-uid.leadplace.fr/sync-uid.php?part=weborama&id=MLI/6VVvp8gq4CrRMBZOF.
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 52661272:E6F6_91EFC0A6:01BB_60F63618_20E996BE:BE9A
X-IPLB-Instance: 30195
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1

200
OK

match
p.crm4d.com/sync/weborama/ Frame 52E1
Redirect Chain

https://p.crm4d.com/emt/sync/weborama?uid=MLI/6VVvp8gq4CrRMBZOF.
https://p.crm4d.com/sync/weborama/match?uid=MLI%2F6VVvp8gq4CrRMBZOF.

42 B
545 B

101ms
34ms

Image
image/gif

51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.crm4d.com/sync/weborama/match?uid=MLI%2F6VVvp8gq4CrRMBZOF.
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Location: /sync/weborama/match?uid=MLI%2F6VVvp8gq4CrRMBZOF.
Date: Tue, 20 Jul 2021 02:33:59 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

GET
H/1.1

200

p
a.audrte.com/ Frame 52E1
Redirect Chain

https://a.audrte.com/match?p=1468142154&uid=MLI/6VVvp8gq4CrRMBZOF.
https://a.audrte.com/p

68 B
791 B

94ms
93ms

Image
image/png

54.205.106.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.106.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:01 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK /
b1sync.zemanta.com/usersync/weborama/ Frame 52E1 26 B
127 B 475ms
97ms Image
image/gif 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/weborama/?webouuid=MLI/6VVvp8gq4CrRMBZOF.
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Content-Length: 26
Content-Type: image/gif

GET
H2 200 match
c1.adform.net/serving/cookie/ Frame 52E1 35 B
376 B 1121ms
38ms Image
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=1145&cid=MLI/6VVvp8gq4CrRMBZOF.

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:34:00 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 52E1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=TUxJLzZWVnZwOGdxNENyUk1CWk9GLg
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=TUxJLzZWVnZwOGdxNENyUk1CWk9GLg&dcc=t

43 B
720 B

608ms
204ms

Image
image/gif

52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=TUxJLzZWVnZwOGdxNENyUk1CWk9GLg&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:34:00 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:34:00 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=TUxJLzZWVnZwOGdxNENyUk1CWk9GLg&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 913D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm
https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEOHU8meRzunG-380jklZgEc&google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEOHU8meRzunG-380jklZgEc&google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:34:00 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:34:00 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEOHU8meRzunG-380jklZgEc&google_gid=CAESEOHU8meRzunG-380jklZgEc&google_cver=1
date: Tue, 20 Jul 2021 02:34:00 GMT
server: Apache
content-length: 354
content-type: text/html; charset=iso-8859-1

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 913D
Redirect Chain

https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus_id%26value%3D%24UID
https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=3352680221727473115

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=3352680221727473115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:33:59 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cb347def-fe4d-42e5-9e77-989553daa82f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.frontend.weborama.fr/ids?key=appnexus_id&value=3352680221727473115
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 913D
Redirect Chain

https://rtd-tm.everesttech.net/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul_id%26value%3D%24%7BUSER_ID%7D
https://rtd-tm.everesttech.net/ct/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul_id%26value%3D%24%7BUSER_ID%7D&_test=YPY2FwAAPVFdCgAQ
https://idsync.frontend.weborama.fr/ids?key=tubemogul_id&value=YPY2FwAAPVFdCgAQ

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=tubemogul_id&value=YPY2FwAAPVFdCgAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1626748440.739329,VS0,VE93
x-served-by: cache-fra19155-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://idsync.frontend.weborama.fr/ids?key=tubemogul_id&value=YPY2FwAAPVFdCgAQ
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 913D
Redirect Chain

https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2_id%26value%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2_id%26value%3D%40USERID%40
https://idsync.frontend.weborama.fr/ids?key=criteov2_id&value=-jnv-Kkbdgr4r-RTqLVwvFZ8UCSLC5g2

0
236 B

56ms
19ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=criteov2_id&value=-jnv-Kkbdgr4r-RTqLVwvFZ8UCSLC5g2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=criteov2_id&value=-jnv-Kkbdgr4r-RTqLVwvFZ8UCSLC5g2
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2915
date: Tue, 20 Jul 2021 02:33:59 GMT
content-length: 215
content-type: text/html; charset=utf-8

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 913D
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10014&redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dmediamath_id%26value%3D%5BMM_UUID%5D
https://idsync.frontend.weborama.fr/ids?key=mediamath_id&value=66a260f6-3617-4f00-94d9-8bb1327e8fc1

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=mediamath_id&value=66a260f6-3617-4f00-94d9-8bb1327e8fc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Date: Tue, 20 Jul 2021 02:33:59 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://idsync.frontend.weborama.fr/ids?key=mediamath_id&value=66a260f6-3617-4f00-94d9-8bb1327e8fc1
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Tue, 20 Jul 2021 02:36:17 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 913D
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D&cklb=1

0
75 B

128ms
127ms

Image
text/plain

199.187.193.166
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D&cklb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:59 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver_id%26value%3D%5Bsas_uid%5D&cklb=1
pragma: no-cache
date: Tue, 20 Jul 2021 02:33:58 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 401736.gif
idsync.rlcdn.com/ Frame 913D 42 B
178 B 49ms
21ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/401736.gif?partner_uid=MLI/6VVvp8gq4CrRMBZOF.
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2

204

collect
dx.frontend.weborama.com/ Frame 913D
Redirect Chain

https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Cdyj9Y28x3MJ
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Cdyj9Y28x3MJ&bounce=1&random=1034063952

0
123 B

23ms
22ms

Image
text/plain

35.201.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Cdyj9Y28x3MJ&bounce=1&random=1034063952
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
location: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Cdyj9Y28x3MJ&bounce=1&random=1034063952
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 913D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=4n2tpwc&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=4n2tpwc&ttd_tpi=1
https://idsync.frontend.weborama.fr/ids?key=thetradedesk_id&value=035868b8-0000-4d06-98b8-762b705aaf1e

0
44 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=thetradedesk_id&value=035868b8-0000-4d06-98b8-762b705aaf1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://idsync.frontend.weborama.fr/ids?key=thetradedesk_id&value=035868b8-0000-4d06-98b8-762b705aaf1e
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 235

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 913D
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=Cdyj9Y28x3MJ
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=Cdyj9Y28x3MJ

95 B
414 B

22ms
21ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=Cdyj9Y28x3MJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=Cdyj9Y28x3MJ
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 913D
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=WEBMA&gdpr=false
https://wam-yahoo.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=tp&d.k=yahoo_id&d.v=y-91onCg1E2odZSk66iUsd_g14WHU_SmxCSeo-~A
https://idsync.frontend.weborama.fr/ids?key=yahoo_id&value=y-91onCg1E2odZSk66iUsd_g14WHU_SmxCSeo-~A

0
67 B

20ms
20ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=yahoo_id&value=y-91onCg1E2odZSk66iUsd_g14WHU_SmxCSeo-~A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:34:02 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:34:02 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=yahoo_id&value=y-91onCg1E2odZSk66iUsd_g14WHU_SmxCSeo-~A
date: Tue, 20 Jul 2021 02:34:02 GMT
server: Apache
content-length: 287
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK sync-uid.php
sync-uid.leadplace.fr/ Frame 913D 35 B
418 B 1217ms
41ms Image
image/gif 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-uid.leadplace.fr/sync-uid.php?part=weborama&id=MLI/6VVvp8gq4CrRMBZOF.
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 52661272:E6F6_91EFC0A6:01BB_60F63618_20E996C6:BE9A
X-IPLB-Instance: 30195
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1

200
OK

match
p.crm4d.com/sync/weborama/ Frame 913D
Redirect Chain

https://p.crm4d.com/emt/sync/weborama?uid=MLI/6VVvp8gq4CrRMBZOF.
https://p.crm4d.com/sync/weborama/match?uid=MLI%2F6VVvp8gq4CrRMBZOF.

42 B
545 B

101ms
34ms

Image
image/gif

51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.crm4d.com/sync/weborama/match?uid=MLI%2F6VVvp8gq4CrRMBZOF.
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Location: /sync/weborama/match?uid=MLI%2F6VVvp8gq4CrRMBZOF.
Date: Tue, 20 Jul 2021 02:33:59 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

GET
H/1.1

200

p
a.audrte.com/ Frame 913D
Redirect Chain

https://a.audrte.com/match?p=1468142154&uid=MLI/6VVvp8gq4CrRMBZOF.
https://a.audrte.com/p

68 B
791 B

95ms
95ms

Image
image/png

54.205.106.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.106.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:01 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK /
b1sync.zemanta.com/usersync/weborama/ Frame 913D 26 B
127 B 377ms
92ms Image
image/gif 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/weborama/?webouuid=MLI/6VVvp8gq4CrRMBZOF.
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:59 GMT
Content-Length: 26
Content-Type: image/gif

GET
H2 200 match
c1.adform.net/serving/cookie/ Frame 913D 35 B
376 B 1119ms
38ms Image
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=1145&cid=MLI/6VVvp8gq4CrRMBZOF.

Requested by

Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:34:00 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 913D
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=TUxJLzZWVnZwOGdxNENyUk1CWk9GLg
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=TUxJLzZWVnZwOGdxNENyUk1CWk9GLg&dcc=t

43 B
720 B

456ms
202ms

Image
image/gif

52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=TUxJLzZWVnZwOGdxNENyUk1CWk9GLg&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:34:00 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:34:00 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=TUxJLzZWVnZwOGdxNENyUk1CWk9GLg&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dispatch.fcgi Show response
aimfar.solution.weborama.fr/fcgi-bin/ Frame D52A 41 B
519 B 101ms
31ms Document
text/html 195.54.48.25
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to

Full URL: https://aimfar.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prx&g.r=3114974822832776836
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.54.48.25 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS
Software: Apache /
Resource Hash: f752c9d78517ca9e04bd89d00ad15e914800aad0f8471c18b9114c620b74463b

Request headers

Host: aimfar.solution.weborama.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://cstatic.weborama.fr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: AFFICHE_W=Cdyj9Y28x3MJ82
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://cstatic.weborama.fr/

Response headers

date: Tue, 20 Jul 2021 02:33:59 GMT
server: Apache
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
transfer-encoding: chunked
content-type: text/html

GET
H2

200

/ Show response
loadus.exelator.com/load/ Frame 1CF6
Redirect Chain

https://loadus.exelator.com/load/?p=204&g=1020&j=w
https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1

205 B
999 B

34ms
34ms

Document
text/html

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: a8291ca035f123bf8678f227d6eaee31a94c5ad4f94aa36b2e25535d4554e68a

Request headers

:method: GET
:authority: loadus.exelator.com
:scheme: https
:path: /load/?p=204&g=1020&j=w&xl8blockcheck=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://cstatic.weborama.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EE="dc82ccc859defd15107dbe666a755b3f"; ud="eJxrXxzq6XKLQSEl2cIoOTnZwtQyJTUtxdDU0MA8JSnVzMws0dzUNMk4bXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9kVvQ4qKUNMZFJcWngvcmPAIAfaYoQA%253D%253D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://cstatic.weborama.fr/

Response headers

server: nginx
date: Tue, 20 Jul 2021 02:33:59 GMT
content-type: text/html;charset=UTF-8
cache-control: no-cache
x-powered-by: Undertow/1
set-cookie: EE="dc82ccc859defd15107dbe666a755b3f"; Domain=.exelator.com; Path=/; Max-Age=10368000; Expires=Wed, 17-Nov-2021 02:33:59 GMT; SameSite=None; Secure; ud="eJxrXxzq6XKLQSEl2cIoOTnZwtQyJTUtxdDU0MA8JSnVzMws0dzUNMk4bXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yMJySX5RZvoit6DFRSlpDItKik8F7014BAC4LCsW"; Domain=.exelator.com; Path=/; Max-Age=10368000; Expires=Wed, 17-Nov-2021 02:33:59 GMT; SameSite=None; Secure;
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-credentials: true

Redirect headers

server: nginx
date: Tue, 20 Jul 2021 02:33:59 GMT
content-type: image/gif
content-length: 0
cache-control: no-cache
x-powered-by: Undertow/1
set-cookie: EE="dc82ccc859defd15107dbe666a755b3f"; Domain=.exelator.com; Path=/; Max-Age=10368000; Expires=Wed, 17-Nov-2021 02:33:59 GMT; SameSite=None; Secure; ud="eJxrXxzq6XKLQSEl2cIoOTnZwtQyJTUtxdDU0MA8JSnVzMws0dzUNMk4bXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9kVvQ4qKUNMZFJcWngvcmPAIAfaYoQA%253D%253D"; Domain=.exelator.com; Path=/; Max-Age=10368000; Expires=Wed, 17-Nov-2021 02:33:59 GMT; SameSite=None; Secure;
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
access-control-allow-credentials: true

GET
H2 200 cj Show response
ds.frontend.weborama.fr/ Frame 913D 360 B
424 B 20ms
20ms Script
application/javascript 34.117.231.160
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.frontend.weborama.fr/cj?key=graphinium
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.231.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.231.117.34.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: a18d52551de684e40fb31c0dad0abcf80f613acfc4b437c7856d6c09040d18d4

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/javascript; charset=utf-8
alt-svc: clear
content-length: 360
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200
OK

weborama.js Show response
p.crm4d.com/sync/ Frame 233B
Redirect Chain

http://p.crm4d.com/sync/weborama.js?r=11845219724154379103&gdpr=&gdpr_consent=
https://p.crm4d.com/sync/weborama.js?r=11845219724154379103&gdpr=&gdpr_consent=

2 KB
2 KB

183ms
31ms

Script
text/javascript

51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://p.crm4d.com/sync/weborama.js?r=11845219724154379103&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6f7c9c1828fc0b39e1f8943174430e13a6eafc5089325276c7027f19a9af447f

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:33:59 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Location: https://p.crm4d.com/sync/weborama.js?r=11845219724154379103&gdpr=&gdpr_consent=
Date: Tue, 20 Jul 2021 02:33:59 GMT
X-Server: pgra6
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H/1.1

200
OK

weborama.js Show response
p.crm4d.com/sync/ Frame 52E1
Redirect Chain

http://p.crm4d.com/sync/weborama.js?r=4072250536671280442&gdpr=&gdpr_consent=
https://p.crm4d.com/sync/weborama.js?r=4072250536671280442&gdpr=&gdpr_consent=

2 KB
2 KB

178ms
33ms

Script
text/javascript

51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://p.crm4d.com/sync/weborama.js?r=4072250536671280442&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6f7c9c1828fc0b39e1f8943174430e13a6eafc5089325276c7027f19a9af447f

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Location: https://p.crm4d.com/sync/weborama.js?r=4072250536671280442&gdpr=&gdpr_consent=
Date: Tue, 20 Jul 2021 02:33:59 GMT
X-Server: pgra6
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H/1.1

200
OK

weborama.js Show response
p.crm4d.com/sync/ Frame 913D
Redirect Chain

http://p.crm4d.com/sync/weborama.js?r=6634545022950505988&gdpr=&gdpr_consent=
https://p.crm4d.com/sync/weborama.js?r=6634545022950505988&gdpr=&gdpr_consent=

2 KB
2 KB

156ms
33ms

Script
text/javascript

51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://p.crm4d.com/sync/weborama.js?r=6634545022950505988&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6f7c9c1828fc0b39e1f8943174430e13a6eafc5089325276c7027f19a9af447f

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Location: https://p.crm4d.com/sync/weborama.js?r=6634545022950505988&gdpr=&gdpr_consent=
Date: Tue, 20 Jul 2021 02:33:59 GMT
X-Server: pgra6
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H2 204 ids
idsync.frontend.weborama.fr/ Frame 4247 0
44 B 20ms
20ms Image
text/plain 35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=nielsen&value=dc82ccc859defd15107dbe666a755b3f
Requested by: Host: loadus.exelator.com
URL: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loadus.exelator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 204 ids
idsync.frontend.weborama.fr/ Frame 4BC7 0
44 B 20ms
20ms Image
text/plain 35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=nielsen&value=dc82ccc859defd15107dbe666a755b3f
Requested by: Host: loadus.exelator.com
URL: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loadus.exelator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 204 ids
idsync.frontend.weborama.fr/ Frame 1CF6 0
44 B 20ms
20ms Image
text/plain 35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=nielsen&value=dc82ccc859defd15107dbe666a755b3f
Requested by: Host: loadus.exelator.com
URL: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loadus.exelator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
via: 1.1 google
last-modified: Tue, 20 Jul 2021 02:33:59 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK match
p.crm4d.com/sync/weborama/ Frame 233B 42 B
545 B 108ms
40ms Image
image/gif 51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.crm4d.com/sync/weborama/match?uid=MLI%2F6VVvp8gq4CrRMBZOF.
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

GET
H/1.1

200
OK

s.gif
p.crm4d.com/sync/appnexus/ Frame 233B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fp.crm4d.com%2Fsync%2Fappnexus%2Fs.gif%3Fbounce%3D1%26uid%3D%24UID
https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=3352680221727473115

42 B
561 B

78ms
33ms

Image
image/gif

51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=3352680221727473115
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:34:00 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3b1998b5-44dd-4530-ad39-c39274eae5f8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=3352680221727473115
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 233B
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1

0
75 B

128ms
128ms

Image
text/plain

199.187.193.166
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:34:00 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1
pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK match
p.crm4d.com/sync/weborama/ Frame 52E1 42 B
545 B 103ms
35ms Image
image/gif 51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.crm4d.com/sync/weborama/match?uid=MLI%2F6VVvp8gq4CrRMBZOF.
Requested by: Host: p.crm4d.com
URL: http://p.crm4d.com/sync/weborama.js?r=4072250536671280442&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

GET
H/1.1

200
OK

s.gif
p.crm4d.com/sync/appnexus/ Frame 52E1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fp.crm4d.com%2Fsync%2Fappnexus%2Fs.gif%3Fbounce%3D1%26uid%3D%24UID
https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=3352680221727473115

42 B
561 B

58ms
33ms

Image
image/gif

51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=3352680221727473115
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:34:00 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 10e05a0d-6e5b-4ae5-a62d-16022b107276
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=3352680221727473115
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 52E1
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1

0
75 B

123ms
123ms

Image
text/plain

199.187.193.166
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:59 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1
pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK match
p.crm4d.com/sync/weborama/ Frame 913D 42 B
545 B 108ms
33ms Image
image/gif 51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.crm4d.com/sync/weborama/match?uid=MLI%2F6VVvp8gq4CrRMBZOF.
Requested by: Host: p.crm4d.com
URL: http://p.crm4d.com/sync/weborama.js?r=6634545022950505988&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

GET
H/1.1

200
OK

s.gif
p.crm4d.com/sync/appnexus/ Frame 913D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fp.crm4d.com%2Fsync%2Fappnexus%2Fs.gif%3Fbounce%3D1%26uid%3D%24UID
https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=3352680221727473115

42 B
561 B

53ms
33ms

Image
image/gif

51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=3352680221727473115
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 02:34:00 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 02:34:00 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3df73a63-81dc-4107-96bb-b0df6e85f699
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=3352680221727473115
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 913D
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1

0
75 B

160ms
140ms

Image
text/plain

199.187.193.166
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:33:59 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1
pragma: no-cache
date: Tue, 20 Jul 2021 02:33:59 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H3-29

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=83132076&utmhn=www.repetitor.ua&utmt=event&utme=5(Time*Log*0%3A10)&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&...
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=83132076&utmhn=www.repetitor.ua&utmt=event&utme=5(Time*Log*0%3A10)&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit...

35 B
55 B

6ms
5ms

Image
image/gif

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=83132076&utmhn=www.repetitor.ua&utmt=event&utme=5(Time*Log*0%3A10)&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&utmhid=670198763&utmr=-&utmp=%2F&utmht=1626748449552&utmac=UA-24521833-1&utmcc=__utma%3D235781890.1639173600.1626748430.1626748430.1626748430.1%3B%2B__utmz%3D235781890.1626748430.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6AAAAAAAAAAAAAAAAAAAAAgE~

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.repetitor.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 21:53:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16819
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=83132076&utmhn=www.repetitor.ua&utmt=event&utme=5(Time*Log*0%3A10)&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%AB%D0%A0%D0%B5%D0%BF%D0%B5%D1%82%D0%B8%D1%82%D0%BE%D1%80%C2%BB%20-%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&utmhid=670198763&utmr=-&utmp=%2F&utmht=1626748449552&utmac=UA-24521833-1&utmcc=__utma%3D235781890.1639173600.1626748430.1626748430.1626748430.1%3B%2B__utmz%3D235781890.1626748430.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6AAAAAAAAAAAAAAAAAAAAAgE~
Non-Authoritative-Reason: HSTS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: livestatisc.com
URL: https://livestatisc.com/ads/

Domain: livestatisc.com
URL: https://livestatisc.com/ads/

Domain: livestatisc.com
URL: https://livestatisc.com/ads/

Domain: pa.tns-ua.com
URL: http://pa.tns-ua.com/bug/get_cookie

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://cdn.admixer.net/scripts3/707d26dd5c625cf234ec.b.js(Line 1) Message: Chrome
console-api	log	URL: http://cdn.admixer.net/scripts3/707d26dd5c625cf234ec.b.js(Line 1) Message: Mraid Ready false
console-api	log	URL: http://cdn.admixer.net/scripts3/707d26dd5c625cf234ec.b.js(Line 1) Message: Chrome
console-api	log	URL: http://cdn.admixer.net/scripts3/707d26dd5c625cf234ec.b.js(Line 1) Message: Chrome
console-api	log	URL: http://cdn.admixer.net/scripts3/707d26dd5c625cf234ec.b.js(Line 1) Message: Event view https://inv-nets.admixer.net/ev_view.aspx?cc=FR%2FIDF%2F75%2F2988507&am-uid=6ff392fbb8de4a45ac8aa20a7cb26d17&cet=4&zone=E21E06B7-8504-4B52-BE4D-9685822441F0&rule=9E1E0ABC-8789-4721-83BD-1C0F636DA52B&requestId=bcf339cb-2d1b-4021-bd08-0a890a9ea028&hp=-1465892250&page=www.repetitor.ua%2F&pvid=af2ee14c-41f1-489d-a37f-87f16d0ab736&inst=ADS-EU-3&ts=637623452301350949&sf=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aax-eu.amazon-adsystem.com
ad.adriver.ru
ad.advon.info
ad.mail.ru
ads.betweendigital.com
advon.net
aimfar.solution.weborama.fr
ajax.googleapis.com
am15.net
b.am15.net
b.c8.net.ua
b1sync.zemanta.com
c.adskeeper.com
c.bigmir.net
c1.adform.net
cdn.admixer.net
cdn.adskeeper.co.uk
cm.adskeeper.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
counter.rambler.ru
counter.yadro.ru
creativecdn.com
cstatic.weborama.fr
dmp.vihub.ru
ds.frontend.weborama.fr
dx.frontend.weborama.com
farension.com
gum.criteo.com
i.bigmir.net
ib.adnxs.com
icode.advon.net
idsync.frontend.weborama.fr
idsync.rlcdn.com
infoworks.ru
inv-nets.admixer.net
ismatlab.com
jsc.adskeeper.com
livestatisc.com
loadus.exelator.com
m.trafmag.com
match.adsrvr.org
match.c8.net.ua
mc.yandex.com
mc.yandex.ru
megastock.ru
p.crm4d.com
pa.tns-ua.com
pixel.mathtag.com
pixel.tapad.com
pixel.vihub.ru
prebid-eu.creativecdn.com
r.c8.net.ua
r.scoota.co
rbnt.org
repetitor-ua.advon.net
rtd-tm.everesttech.net
s-img.adskeeper.com
s.uuidksinc.net
s.zmctrack.net
secure.adnxs.com
servicer.adskeeper.com
source.mmi.bemobile.ua
ssp.c8.net.ua
static.weborama.io
sync-uid.leadplace.fr
sync.1dmp.io
sync.dmp.otm-r.com
sync.smartadserver.com
sync.videonow.ru
t02.rbnt.org
uuidksinc.net
wam-google.solution.weborama.fr
wam-yahoo.solution.weborama.fr
wam.solution.weborama.fr
www.google-analytics.com
www.megastock.ru
www.planeta.vika.repetitor.ua
www.repetitor.ua
x.bidswitch.net
x.instreamatic.com
x01.aidata.io
yastatic.net
livestatisc.com
pa.tns-ua.com
104.18.16.65
104.19.134.80
136.243.148.229
136.243.149.224
138.201.36.215
142.250.185.66
145.239.192.166
146.0.227.107
148.251.159.22
151.101.14.49
18.198.69.109
185.184.8.65
185.187.81.41
185.33.221.50
185.33.221.87
188.42.191.196
193.200.65.6
193.239.68.97
193.239.71.100
194.247.175.26
194.247.175.38
195.201.57.28
195.209.108.37
195.54.48.25
195.54.48.26
199.187.193.166
2.18.233.201
207.154.204.189
212.1.66.234
212.1.66.239
212.118.48.164
212.76.131.50
212.82.100.182
2606:4700:3032::6815:5ad0
2606:4700:3036::6815:2875
2606:4700:3037::6815:42b2
2606:4700:3037::6815:60b
2a00:1148:db00::17
2a00:1450:4001:80f::200e
2a00:1450:4001:812::200a
2a00:1450:4001:827::200e
2a02:2638:1::13
2a02:6b8:20::215
2a02:6b8::1:119
2a03:90c0:41:2801::254
31.220.27.134
34.117.231.160
35.201.80.102
35.201.81.244
35.227.248.159
35.244.174.68
37.157.4.24
51.38.250.94
52.29.176.117
52.95.123.167
54.171.74.241
54.194.21.127
54.205.106.87
70.42.32.31
76.223.111.131
81.19.89.18
88.208.46.48
88.212.201.198
89.108.120.76
89.184.66.167
89.184.66.89
91.203.4.181
91.203.4.186
91.216.195.18
91.227.52.186
93.184.221.133
95.216.224.23
95.216.240.254
03ad90c948081ff882074119561412ded04a2acd95c204f96acc0024f9d8e64e
04589237737f7fb0ba10f352cc9134459832c755af8fcc6b95bf02a54fb606cd
0844db4bf9d6c3c1cbdacc486c86acd460b36a8a5864f9975e784991a2d356f4
0894d7332cb743fd777d11398f6e05b327478554a212e3fe747b653da12280c6
0a498251439b9b78d0f4a803f6d77b467662faa0a8453f77adf6ef2422ff6acf
0add324a9dbd8979d7421e3f84c2f870641d3d6111528850a71b13e03447bbbc
0ba6e4af0093468bf4e865f0c53c7fbc5f1c09dd1de4343bb9024ed7ed8b2ed9
0e671a70fbf1155ed9ec58398fb6d144360a73646429e52701ef584533fbb610
100a2174e55e3fbb96fb85d76f0b787847dc2ac55cd06a2b40a01035e6d4f4a3
10a14d1c491dcc1c6b5a2b6a76bd1ddb0ae3abb3a6086a0312acd48647fca8bd
10df42b8890fb1a6b2c62440094e06e1b003d002b073d0c7bfa5e8581ff1cb05
1101aeb68ba6cbf1f0592f3aec94fc2820012891b0543d3b5c54d0cb48324b36
110a21ee3616bfa86b492bb237eeb946ee4a643d7bb77a7fd2b131311f5ccf72
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1304280e4ae3bb5eca45cfc6395745eeb64273e571485e54976d866053f0742f
13eb95f2816f660f36ad7e22d95a8a96da677a53e71ea0db6961d841fccd509d
13f933f2c58b975d3d7afb791cf6010c7606b9b70120f2181d8a2bc88f531efe
19331a6a48d82bfdeea81df71594eddb4accc9a6a789df870722c9a9ddaf97d3
1b98d24bc1e0a07709abb0b918c3ea4922efbf45f6610898bf56c15618aab81d
1e60e920b3d344763f13b26c467a14384b47366613e72ed96e79e627cb647fd1
1e94b8ab986d3402e89a73db5ee9a977b340fadcdffe4300df2c0bb844830e30
1f142218357b320be1d8eda566cade1653ccb16cb0606d090bb54b8c0702ada5
21b82e2818317d8154b0015d7a606c590429a8645c79d2f90922449c805a2fd9
2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aebba5c2160f83e6157e0440241af2378e3c6bf29c917cd3d983c8af331a96a
2b22b5a44b3373ac1ed29b2e86f926daa8044dda24dcaf7e274d67c1e89aec41
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
34eb037aca76eb2515a191c6a6543c65a9a37e30253d35d7122c8e48e9bef880
37a3462d560acc18128025d8e3864e2937f166a47c36b542ba603a8d179efdb0
3b62256bc652e1b54ed253072efdfa3969117225af135bedff05f6a62060af37
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3d3dc9cade60878bfab820a1d0f79be96e4449d99dd0b42adae01cb74fcb344f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40a9129b820db4f2e17eaddb40da1938d148913ec8b803b4c63b6ac9ac6fb313
40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140
4a2d9cc9d3486f131787ba714be11a91b158dccfb7aeaa3b53346f3bee01fba9
4bfb40e066591504022cb2a02a2d96921b92084686b2bb51a0f8df556647b0a2
50de0516cd0fc84dc3486043041447a0fccc8a7eeb91d38572f34e8781e0a0d0
5198a754fa5484ddf6d055b51d607852250e047b252985d3b02d67b7f2a3391a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
570b0da22818a962fc876bff188f0f467dda5084fbef57e771abda77c75a2bda
58670ca692f4623765a6514fdfa1c5dc1503b230ef7d5f1636794bf202810727
594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5f8cc0d1810bd2b6e063f8b147f0c61c07bcc54c78d36058f178d05bca935e69
606fb015f87ba5bbcf783cd6fecf1ac351ede8dafa4767a43be8cf80f1634eb6
62809c09f78bcbcf1233cfcde966c640fd0ad54e1b5ef157dcac1897180f44d8
630ea5693710d90aed4d37110636019fd07af511142346085a40902b53c31996
632ffa963cb713d0621dd9aa33a564e61df82f951160f524cd238ff310b5125b
63b18b5635fc1818da6712734fc0d500652a85fecf6dfe1b4cb3cee139e52899
6a32dfe446e15f0d1d19f60c1c3128085d4cdd7e806d51559818760e4ccf74fa
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f7c9c1828fc0b39e1f8943174430e13a6eafc5089325276c7027f19a9af447f
723c7584af2e74197390bb4f62cc9dd33bbeafbb67ad38d72ab8b38b6867a8be
7617ad202c74effddd97bba1ed1873a551fbd20d7c2a41f564e8ddc592fe4128
7c9d65d9cee2f5a9818ec99eda6c13fbe10677b2c65b7ddf21e2b06fbc96a62a
7e3cad99f551463c23e5df37b6a58705acec49a32190b236d23cd3efc62184fe
805b3d00141a5790cce889a3e098dd3e88e90ee166d03f969ad16364ba289c04
82843b213485aee305c0346091e4a320f48d740f6083129b953e9fb01b283686
82f5f5d6248f8a69ad1b304791bdcd481473f6a7adf3fd44dfb7c2ae8f3c92ff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
865590fb8d7b1eb551958b9f0288f1ccb4b572662af5c90bcebef6729cc9beb8
878747913894b9869238d7b2990da81fd427379ed55d1d38961482c6ea2e35ab
89d15e8d6c0a69d8914c2c2363200b5fc3033c509439795e5bbe144974038e81
8e96268766735ae11a87d1e3bea4e681b0b05e3afa54d79806dc1f550597fa15
8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
904cf213353c7ed66093dba1a68e4d8bb0fa1693b048c02bde50402993c24f91
939268e29c0c010230166f0cfe2421d82e71d7830d5c68679a465addc33dcb33
946c31a9d04eb52faf443da904c76db9e897719e24861739097fa90e56ded106
949c83c45088a9792d9c745d19b6c3f47fd6a5184c9cf892609188d3627f96d4
96bee4ba9f9b6f96135c214b27e634328ab88b702579d7c5c710d2fe396b3788
9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6
9d47457c64a0c0be7995db5bcb4f45c811da28c71dec36ad68b7f3a3041d1e04
a0e0fe6fc83308dd8ad5b35fa674e8db901b5cd09fe5b21fce854ad8530162bb
a14cf5a4ba1fd7df7d80f0c23bd3f5a16b8ca50d27d2c82a838c24d3f790096e
a18d52551de684e40fb31c0dad0abcf80f613acfc4b437c7856d6c09040d18d4
a72f6e287ccbd8e44f5f415148688ca4cc0abddd57e0b14e62560eb7e3152397
a8291ca035f123bf8678f227d6eaee31a94c5ad4f94aa36b2e25535d4554e68a
a8cb1a292789f28237522e7564bbe347e5eb9c76bec1f8e9d7a414ca4cff86ec
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa26e4172d5712b53abedee51d303b6b6a9e6181c1f08364329aa99868fea78e
acf7d7667c3d9c7bee496f4ffe55667c8187786a828a5dcc0f0862b107181b4c
b0a740b67b3e9f868641878f61e64724977b0d493a93d2a8ad8dc54ea8e4e30c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3883229115068714ffc63c82db6f810e84201317cb0385cc3b7c94b0c305554
b5254fa851a0f265c4144e39384aeafb90850ae7e0fdbe104b9fb19221c651a4
b5f1343b46d0b18e78ae7bfb6ec5cfd0195a35a07f74da58d0612e06b1c429c2
b9579bf1656c555dbc4fadcb8a7a9db809494faae930ab554cb55bfeef7d2c2d
bb7a30bf278d620602ce6b4b069a792ab06a712b9935bd08c2da51bfc3ceb95f
bdbb30054481cf1c2323aeba0ee8fe39193814a97dba31a0b1ae39d9bb4473ae
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c531eb2baeaef34843e9785bc63435f6a7a73f5540dd244071b491f8efc0e803
cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4
cb4f20b419454f628dfc497497507747a130988034fc7cca261ac6ab48a6273d
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0691ec8393044cf6c3456eb07d1e802c6031dc61f269eba5df3d62db25117d4
d22f3bebb926a603525fe11e87bde207fc9d948a582c227be9405e3b05302d65
d2fb1c42b4414cff2a3fd0328cfad989eb020089da905f2a53ce51b0f34da3df
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e376b4b3a5e3dad27bc3154608dbf24b99047afaa553ec9d9090f6ecb7368cc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b23d855ab38d3c982e95d49894d4febd754baf5072d2049979254ad9663219
e5e3ec67a5d9f8f0652f41053191a029148a3a03026c26f367c7d3fffaeeec9a
e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa
e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6
ee591a2c0f344044e1231b8770d551afe41cbe4c6819fa0360a233235093ff42
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04c53cdf173028fe6e3c15285a9cf48d37aec4feda799bfce5405be883547bb
f12360878fc00708d91522749da55b430d5ee2eed1d930c0a6d41b4997115cc8
f749f5beeca545ef24016324e3da06bd4bf9c688b69ddbf72113e16e488378f2
f752c9d78517ca9e04bd89d00ad15e914800aad0f8471c18b9114c620b74463b
f76a7cd4d198acd506463308fe0ef69b15c192779898b874b82d0884f27e561a
f8ef0068a018e69ac5f56505d59a2fa3acf3916b0040fa3a28301b39daf6bc19
fd73e53fbe9df707fb99640593c04859569d217d9c0179a06e8b7356b80a2753

www.repetitor.ua Open in urlscan Pro 2606:4700:3037::6815:60b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

237 Requests

57 %HTTPS

16 %IPv6

59 Domains

84 Subdomains

56 IPs

13 Countries

987 kBTransfer

2089 kBSize

0 Cookies

18 Outgoing links

Page URL History

Redirected requests

237 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.repetitor.ua Open in urlscan Pro
2606:4700:3037::6815:60b Public Scan

Screenshot
Live screenshot

Full Image

237
Requests

57 %
HTTPS

16 %
IPv6

59
Domains

84
Subdomains

56
IPs

13
Countries

987 kB
Transfer

2089 kB
Size

0
Cookies

237 HTTP transactions
5 data transactions