www.paladiny.ru Open in urlscan Pro
146.185.148.189 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Submission: On February 09 via manual (February 9th 2023, 11:03:50 am UTC) from UA — Scanned from PL

Summary HTTP 114 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 41 domains to perform 114 HTTP transactions. The main IP is 146.185.148.189, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is www.paladiny.ru.

This is the only time www.paladiny.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	146.185.148.189 146.185.148.189	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	142.251.39.34 142.251.39.34	15169 (GOOGLE) (GOOGLE)
1 1	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
3	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	185.12.127.130 185.12.127.130	50214 (QWARTA) (QWARTA)
6	142.251.208.162 142.251.208.162	15169 (GOOGLE) (GOOGLE)
2 5	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
2	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
1 32	193.3.184.137 193.3.184.137	50214 (QWARTA) (QWARTA)
1 2	193.3.184.212 193.3.184.212	50214 (QWARTA) (QWARTA)
2 6	87.250.251.119 87.250.251.119	13238 (YANDEX) (YANDEX)
5 5	185.12.125.25 185.12.125.25	50214 (QWARTA) (QWARTA)
2 3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
2 2	193.232.150.70 193.232.150.70	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	95.163.41.56 95.163.41.56	47764 (VK-AS) (VK-AS)
2 2	195.209.108.39 195.209.108.39	52007 (ADRIVER-AS) (ADRIVER-AS)
2	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
1	172.67.217.151 172.67.217.151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.18.103.22 37.18.103.22	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.131 185.15.175.131	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	116.202.85.93 116.202.85.93	24940 (HETZNER-AS) (HETZNER-AS)
2 2	78.46.16.13 78.46.16.13	24940 (HETZNER-AS) (HETZNER-AS)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
2 2	212.76.129.181 212.76.129.181	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
1	87.242.89.90 87.242.89.90	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	188.72.107.205 188.72.107.205	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	176.122.21.139 176.122.21.139	48096 (ITGRAD) (ITGRAD)
3 3	217.66.147.37 217.66.147.37	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 2	93.158.134.90 93.158.134.90	13238 (YANDEX) (YANDEX)
1 1	148.251.40.140 148.251.40.140	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.109.65.188 65.109.65.188	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
2 3	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
1 1	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1 2	188.42.105.220 188.42.105.220	7979 (SERVERS-COM) (SERVERS-COM)
1 2	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	23.88.12.14 23.88.12.14	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.111.107.44 23.111.107.44	39134 (UNITEDNET) (UNITEDNET)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1 2	167.235.117.41 167.235.117.41	24940 (HETZNER-AS) (HETZNER-AS)
2	142.251.39.74 142.251.39.74	15169 (GOOGLE) (GOOGLE)
3	142.250.201.195 142.250.201.195	15169 (GOOGLE) (GOOGLE)
8	142.250.201.193 142.250.201.193	15169 (GOOGLE) (GOOGLE)
1	172.217.20.2 172.217.20.2	15169 (GOOGLE) (GOOGLE)
4 4	185.15.175.144 185.15.175.144	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	142.250.180.228 142.250.180.228	15169 (GOOGLE) (GOOGLE)
114	33

20 146.185.148.189 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: nihost.ru

www.paladiny.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.17 (Russian Federation) 1 redirects

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.19.89.18 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.12.127.130 (Russian Federation)

ASN50214 (QWARTA, RU)

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.208.162 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.163.52.67 (Russian Federation) 2 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

d4.c1.b4.a1.top.list.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 193.3.184.137 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)
PTR: asrv321.qwarta.ru

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.3.184.212 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 87.250.251.119 (Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.12.125.25 (Russian Federation) 5 redirects

ASN50214 (QWARTA, RU)

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.70 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.senders.ntvplus.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.41.56 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: r.mail.ru

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.39 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.217.151 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.22 (Netherlands)

ASN205675 (HYBRID-AS, DE)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.131 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.85.93 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.93.85.202.116.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.16.13 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-2.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.76.129.181 (Russian Federation) 2 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

sync.adspend.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.89.90 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.107.205 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr05.segmento.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.122.21.139 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.66.147.37 (St Petersburg, Russian Federation) 3 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-37-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.158.134.90 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.40.140 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.140.40.251.148.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.65.188 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.188.65.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.120.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.105.220 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.172 (Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.12.14 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.14.12.88.23.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.117.41 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.41.117.235.167.clients.your-server.de

sync.programmatica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.39.74 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.201.195 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.201.193 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.20.2 (United States)

ASN15169 (GOOGLE, US)
PTR: ham02s13-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.144 (Russian Federation) 4 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.228 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	acint.net 6 redirects www.acint.net — Cisco Umbrella Rank: 29548 acint.net — Cisco Umbrella Rank: 24367	35 KB
20	paladiny.ru www.paladiny.ru	61 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	300 KB
8	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 3788 an.yandex.ru — Cisco Umbrella Rank: 3728	62 KB
6	digitaltarget.ru 4 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 120844 dmg.digitaltarget.ru — Cisco Umbrella Rank: 21923	22 KB
5	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 10374 ad.mail.ru — Cisco Umbrella Rank: 9923	4 KB
4	mts.ru 4 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 36344 tech.rtb.mts.ru — Cisco Umbrella Rank: 42773	3 KB
4	adriver.ru 2 redirects ad.adriver.ru — Cisco Umbrella Rank: 22094 ssp.adriver.ru — Cisco Umbrella Rank: 27150	2 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	62 KB
4	rambler.ru 1 redirects counter.rambler.ru — Cisco Umbrella Rank: 109952 kraken.rambler.ru — Cisco Umbrella Rank: 32072	105 KB
3	gstatic.com www.gstatic.com	15 KB
3	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 16412	1 KB
3	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1479	2 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 67 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	sape.ru 1 redirects cdn-rtb.sape.ru — Cisco Umbrella Rank: 63294 ssp-rtb.sape.ru — Cisco Umbrella Rank: 29783	43 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	2 KB
2	programmatica.com 1 redirects sync.programmatica.com — Cisco Umbrella Rank: 182898	462 B
2	bumlam.com 1 redirects sync.bumlam.com — Cisco Umbrella Rank: 3399 6c214856-a869-11ed-86e0-002590c0647c.n7.sync.bumlam.com Failed	1 KB
2	gonet-ads.com 1 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 34856	630 B
2	adspend.space 2 redirects sync.adspend.space — Cisco Umbrella Rank: 75072	456 B
2	upravel.com 2 redirects sync.upravel.com — Cisco Umbrella Rank: 37649	1 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 17632	827 B
2	google.pl adservice.google.pl — Cisco Umbrella Rank: 30466	696 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	48 KB
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1545	22 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 100341	753 B
1	bidderstack.com nr.bidderstack.com — Cisco Umbrella Rank: 27959	224 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9986	287 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 34667	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 30395	454 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10334	208 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 21313	176 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 64040	201 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 172802	411 B
1	1dmp.io sync.1dmp.io — Cisco Umbrella Rank: 15403	155 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 65423	289 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 18327	70 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 15749	282 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 53133	775 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 854	605 B
1	list.ru 1 redirects d4.c1.b4.a1.top.list.ru	975 B
114	41

	Domain	Requested by
33	www.acint.net	6 redirects cdn-rtb.sape.ru www.paladiny.ru www.acint.net
20	www.paladiny.ru	www.paladiny.ru
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	www.paladiny.ru pagead2.googlesyndication.com tpc.googlesyndication.com
6	mc.yandex.ru	2 redirects cdn-rtb.sape.ru www.paladiny.ru
4	dmg.digitaltarget.ru	4 redirects
4	acint.net	www.acint.net
4	top-fwz1.mail.ru	1 redirects www.paladiny.ru www.acint.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	x01.aidata.io	2 redirects www.acint.net
3	sm.rtb.mts.ru	3 redirects
3	ads.betweendigital.com	2 redirects www.acint.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	sync.programmatica.com	1 redirects www.acint.net
2	sync.bumlam.com	1 redirects www.acint.net
2	sync.gonet-ads.com	1 redirects www.acint.net
2	an.yandex.ru	1 redirects www.acint.net
2	sync.adspend.space	2 redirects
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	ssp-rtb.sape.ru	1 redirects cdn-rtb.sape.ru
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.pl	pagead2.googlesyndication.com
2	kraken.rambler.ru	www.paladiny.ru
2	counter.rambler.ru	1 redirects www.paladiny.ru
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	sync.adkernel.com	www.acint.net
1	cs.agency2.ru	1 redirects
1	nr.bidderstack.com	www.acint.net
1	counter.yadro.ru	1 redirects
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	sync.1dmp.io	www.acint.net
1	ssp.bestssp.com	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	d4.c1.b4.a1.top.list.ru	1 redirects
1	cdn-rtb.sape.ru	www.paladiny.ru
0	6c214856-a869-11ed-86e0-002590c0647c.n7.sync.bumlam.com Failed	www.acint.net
114	52

This site contains links to these domains. Also see Links.

Domain
www.magic.ru
magic.rambler.ru
twitter.com
paladiny.ru
kazinohi.com
friendscasino.mobi
selector-cazino.wtf
top100.rambler.ru

Subject Issuer	Validity	Valid
*.sape.ru R3	`2022-12-11` - `2023-03-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-05-16` - `2023-05-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.pl GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.acint.net R3	`2022-12-15` - `2023-03-15`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
tag.digitaltarget.ru R3	`2023-01-16` - `2023-04-16`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
sync.1dmp.io R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
new-programmatic.com R3	`2023-01-14` - `2023-04-14`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-21` - `2023-04-21`	6 months	crt.sh
*.bidderstack.com Go Daddy Secure Certificate Authority - G2	`2022-11-20` - `2023-11-18`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Frame ID: C5AE69D254571990442EEFC9739AC860
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Frame ID: 1C58E5C2F9F707C83A3F70FB386AC461
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=600&slotname=1332047107&adk=1460880071&adf=2290519548&pi=t.ma~as.1332047107&w=160&lmt=1675939109&format=160x600&url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&wgl=1&dt=1675940623359&bpp=6&bdt=397&idt=342&shv=r20230207&mjsv=m202301310101&ptt=9&saldr=aa&abxe=1&correlator=880080748594&frm=20&pv=2&ga_vid=388564781.1675940624&ga_sid=1675940624&ga_hid=132670522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31072294&oid=2&pvsid=3487259986629793&tmod=776354890&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bKSqYGggY0&p=http%3A//www.paladiny.ru&dtd=580
Frame ID: 2C600E283E7BA93EA4B6A72E42D5A75F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&adk=1812271804&adf=3025194257&lmt=1675939109&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&ea=0&pra=7&wgl=1&dt=1675940623963&bpp=3&bdt=1001&idt=3&shv=r20230207&mjsv=m202301310101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=880080748594&frm=20&pv=1&ga_vid=388564781.1675940624&ga_sid=1675940624&ga_hid=132670522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31072294&oid=2&pvsid=3487259986629793&tmod=776354890&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=19
Frame ID: 3793858278E0B55BD7C61B344F0D5827
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14
Frame ID: EEBDEE07E50E7A4A6E479D05354C793A
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6B222F92DFA9D42A66DC5629FA826274
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F9C1E23E21464ED3191731A0D1488E3C
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: 16EE2F69EC4C90553C175DA282D686E7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 068A72F8C3BF5433AEAB44F861F2A51B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 925CB012E2EB06F709DF1BE163F1AD1E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Форум: Обо всём: Где поиграть онлайн-казино

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

114
Requests

55 %
HTTPS

0 %
IPv6

41
Domains

52
Subdomains

33
IPs

6
Countries

757 kB
Transfer

1796 kB
Size

80
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: http://www.magic.ru/ratings/chars/
Title: Игроки

Search URL Search Domain Scan URL

URL: http://www.magic.ru/ratings/tourneys/
Title: Турниры

Search URL Search Domain Scan URL

URL: http://www.magic.ru/ratings/clans/
Title: Кланы

Search URL Search Domain Scan URL

URL: http://www.magic.ru/download/
Title: Клиент игры

Search URL Search Domain Scan URL

URL: http://magic.rambler.ru/start/
Title: Rambler-Клиент

Search URL Search Domain Scan URL

URL: http://www.magic.ru/game/
Title: Браузерная версия

Search URL Search Domain Scan URL

URL: http://www.magic.ru/shop/
Title: Магазин Magic

Search URL Search Domain Scan URL

URL: http://twitter.com/magic_game
Title: Тви-вестник

Search URL Search Domain Scan URL

URL: http://paladiny.ru/go/?http://www.magic.ru/forum/
Title: Форум Magic

Search URL Search Domain Scan URL

URL: https://kazinohi.com/
Title: лучшие онлайн казино

Search URL Search Domain Scan URL

URL: https://friendscasino.mobi/
Title: вход в казино Френдс

Search URL Search Domain Scan URL

URL: https://selector-cazino.wtf/
Title: selector-cazino.wtf

Search URL Search Domain Scan URL

URL: https://top100.rambler.ru/home?id=1449916

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://counter.rambler.ru/top100.jcn?1449916 HTTP 307
https://counter.rambler.ru/top100.jcn?1449916

Request Chain 26

http://d4.c1.b4.a1.top.list.ru/counter?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.9151860070646785 HTTP 302
https://top-fwz1.mail.ru/counter?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.9151860070646785;ver=30 HTTP 302
https://top-fwz1.mail.ru/counter2?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.9151860070646785;ver=30

Request Chain 42

http://www.acint.net/mc/?dp=14 HTTP 302
https://www.acint.net/mc/?dp=14

Request Chain 43

http://www.acint.net/oci.js?t=1675940624249 HTTP 302
https://www.acint.net/oci.js?t=1675940624249

Request Chain 44

http://www.acint.net/hit/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=22028536&u=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=&rs=1600x1200&t=%D0%A4%D0%BE%D1%80%D1%83%D0%BC%3A%20%D0%9E%D0%B1%D0%BE%20%D0%B2%D1%81%D1%91%D0%BC%3A%20%D0%93%D0%B4%D0%B5%20%D0%BF%D0%BE%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&oE=1&oP=1&dT=2023-02-09T11%3A03%3A44.241&fu=abad7aaa-c7e4-4ea8-ab53-b3312237a928 HTTP 302
https://www.acint.net/hit/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=22028536&u=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=&rs=1600x1200&t=%D0%A4%D0%BE%D1%80%D1%83%D0%BC%3A%20%D0%9E%D0%B1%D0%BE%20%D0%B2%D1%81%D1%91%D0%BC%3A%20%D0%93%D0%B4%D0%B5%20%D0%BF%D0%BE%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&oE=1&oP=1&dT=2023-02-09T11%3A03%3A44.241&fu=abad7aaa-c7e4-4ea8-ab53-b3312237a928

Request Chain 52

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F10D3E463B200A2500206C1DB HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F10D3E463B200A2500206C1DB&crf=1

Request Chain 53

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=1C03420A10D3E4632200209D025FA71D

Request Chain 54

https://px.adhigh.net/p/cm/sape?u=0100007F10D3E463B200A2500206C1DB HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007F10D3E463B200A2500206C1DB&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=u70yg4mvtNml.AikABlGGNdh6CA

Request Chain 56

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4776700879 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AYdBxGYbMjOPXeaoaHiaO_Q&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F10D3E463B200A2500206C1DB

Request Chain 61

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://www.acint.net/match?dp=71&euid=c97d5c8d-6625-4eb2-b956-c70aa3630564

Request Chain 63

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=PBCSSPRR

Request Chain 64

https://sync.adspend.space/sape?uid=0100007F10D3E463B200A2500206C1DB HTTP 302
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3De194715e-3894-4ffa-88b4-9185f49bc739 HTTP 302
https://www.acint.net/match?dp=98&euid=e194715e-3894-4ffa-88b4-9185f49bc739

Request Chain 66

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=aBX7MOvQQE62

Request Chain 67

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=ac80b17c-a83d-5228-899e-857cea7a566c

Request Chain 68

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=38e0500cf188436d89e2940f2f474633

Request Chain 69

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F10D3E463B200A2500206C1DB HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F10D3E463B200A2500206C1DB HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=bd217a8e-ac17-4fa1-a99f-8fe38e608fb6&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FvSF6jqwXT6Gpn4_jjmCPtg%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D0%26sign%3D184223085 HTTP 302
https://an.yandex.ru/setud/mts_banner/vSF6jqwXT6Gpn4_jjmCPtg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=184223085 HTTP 302
https://sm.rtb.mts.ru/em?next=30&em=0 HTTP 301
https://www.acint.net/match?dp=125&euid=bd217a8e-ac17-4fa1-a99f-8fe38e608fb6

Request Chain 70

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=b429c851-1eb9-4b07-4a37-bf97c9ba7034

Request Chain 71

https://s.uuidksinc.net/match/396/?remote_uid=0100007F10D3E463B200A2500206C1DB HTTP 302
https://www.acint.net/match?dp=127&euid=DfgeJUyhWE9S8a0SSq9I

Request Chain 72

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=l8y198uksj

Request Chain 74

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F10D3E463B200A2500206C1DB HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F10D3E463B200A2500206C1DB&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 75

https://sync.gonet-ads.com/match/sape.js?id=0100007F10D3E463B200A2500206C1DB HTTP 302
https://sync.gonet-ads.com/match/sape.js?id=0100007F10D3E463B200A2500206C1DB&chk=1

Request Chain 76

https://sync.bumlam.com/?src=sap1&uid=0100007F10D3E463B200A2500206C1DB HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARiRppOfBmIgMDEwMDAwN0YxMEQzRTQ2M0IyMDBBMjUwMDIwNkMxREKiARBsIUhWqGkR7YbgACWQwGR8

Request Chain 77

https://pix.bumlam.com/sync/sape/check?sspuid=0100007F10D3E463B200A2500206C1DB HTTP 302
https://sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/sync_ok?guid=6c214856-a869-11ed-86e0-002590c0647c HTTP 302
https://6c214856-a869-11ed-86e0-002590c0647c.n7.sync.bumlam.com/?src=sape

Request Chain 80

https://cs.agency2.ru/p?ssp=sp&uid=0100007F10D3E463B200A2500206C1DB HTTP 301
https://www.acint.net/match?dp=186&euid=3e63e46b-57f8-4c2a-b9c3-fc767f1bedb7

Request Chain 82

https://sync.programmatica.com/match/RTBSape?id=0100007F10D3E463B200A2500206C1DB HTTP 302
https://sync.programmatica.com/match/RTBSape?id=0100007F10D3E463B200A2500206C1DB&chk=1

Request Chain 83

https://mc.yandex.ru/watch/71281900?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A348%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A716529493898%3Ahid%3A880395513%3Az%3A0%3Ai%3A20230209110344%3Aet%3A1675940625%3Ac%3A1%3Arn%3A866988473%3Arqn%3A1%3Au%3A16759406251021875446%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A37%2C45%2C108%2C45%2C%2C0%2C%2C962%2C35%2C%2C%2C%2C1199%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675940622764%3Arqnl%3A1%3Ast%3A1675940625%3At%3A%D0%A4%D0%BE%D1%80%D1%83%D0%BC%3A%20%D0%9E%D0%B1%D0%BE%20%D0%B2%D1%81%D1%91%D0%BC%3A%20%D0%93%D0%B4%D0%B5%20%D0%BF%D0%BE%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A348%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A716529493898%3Ahid%3A880395513%3Az%3A0%3Ai%3A20230209110344%3Aet%3A1675940625%3Ac%3A1%3Arn%3A866988473%3Arqn%3A1%3Au%3A16759406251021875446%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A37%2C45%2C108%2C45%2C%2C0%2C%2C962%2C35%2C%2C%2C%2C1199%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675940622764%3Arqnl%3A1%3Ast%3A1675940625%3At%3A%D0%A4%D0%BE%D1%80%D1%83%D0%BC%3A%20%D0%9E%D0%B1%D0%BE%20%D0%B2%D1%81%D1%91%D0%BC%3A%20%D0%93%D0%B4%D0%B5%20%D0%BF%D0%BE%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 84

https://mc.yandex.ru/watch/91568663?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2263e4d30f-f645-a0sl-ozpq-5l4mqarmnagd%22%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A348%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A374357609835%3Ahid%3A880395513%3Az%3A0%3Ai%3A20230209110344%3Aet%3A1675940625%3Ac%3A1%3Arn%3A642638660%3Arqn%3A1%3Au%3A16759406251021875446%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A37%2C45%2C108%2C45%2C%2C0%2C%2C962%2C35%2C%2C%2C%2C1199%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675940622764%3Arqnl%3A1%3Ast%3A1675940625%3At%3A%D0%A4%D0%BE%D1%80%D1%83%D0%BC%3A%20%D0%9E%D0%B1%D0%BE%20%D0%B2%D1%81%D1%91%D0%BC%3A%20%D0%93%D0%B4%D0%B5%20%D0%BF%D0%BE%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/91568663/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2263e4d30f-f645-a0sl-ozpq-5l4mqarmnagd%22%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A348%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A374357609835%3Ahid%3A880395513%3Az%3A0%3Ai%3A20230209110344%3Aet%3A1675940625%3Ac%3A1%3Arn%3A642638660%3Arqn%3A1%3Au%3A16759406251021875446%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A37%2C45%2C108%2C45%2C%2C0%2C%2C962%2C35%2C%2C%2C%2C1199%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675940622764%3Arqnl%3A1%3Ast%3A1675940625%3At%3A%D0%A4%D0%BE%D1%80%D1%83%D0%BC%3A%20%D0%9E%D0%B1%D0%BE%20%D0%B2%D1%81%D1%91%D0%BC%3A%20%D0%93%D0%B4%D0%B5%20%D0%BF%D0%BE%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 94

http://www.acint.net/oci/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=03256342&oid=cc832357f3a5bb7e069af0ed5ebf3cee HTTP 302
https://www.acint.net/oci/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=03256342&oid=cc832357f3a5bb7e069af0ed5ebf3cee

Request Chain 103

https://dmg.digitaltarget.ru/1/1093/i/i?i=433863878424313.19465417233657&a=77&e=0100007F10D3E463B200A2500206C1DB&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0100007F10D3E463B200A2500206C1DB.sync:up.xdua:du5zws7NoMsTarvInQY06RHl.xps:xpseE6SfibP2PKvSquT18Ewbe.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675940626354&i=433863878424313.19465417233657&a=77&e=0100007F10D3E463B200A2500206C1DB&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0100007F10D3E463B200A2500206C1DB.sync:up.xdua:du5zws7NoMsTarvInQY06RHl.xps:xpseE6SfibP2PKvSquT18Ewbe.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=-xvlreoLuzgPM327TJF1

Request Chain 104

https://dmg.digitaltarget.ru/1/1093/i/i?i=433863878424313.907191123093570&a=77&e=0100007F10D3E463B200A2500206C1DB&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0100007F10D3E463B200A2500206C1DB.sync:up.xdua:du5zws7NoMsTarvInQY06RHl.xps:xpseE6SfibP2PKvSquT18Ewbe.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675940626352&i=433863878424313.907191123093570&a=77&e=0100007F10D3E463B200A2500206C1DB&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0100007F10D3E463B200A2500206C1DB.sync:up.xdua:du5zws7NoMsTarvInQY06RHl.xps:xpseE6SfibP2PKvSquT18Ewbe.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=-xvlreoLuzgPM327TJF1

Request Chain 110

http://www.acint.net/ping/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=66306413&dT=2023-02-09T11%3A03%3A47.248 HTTP 302
https://www.acint.net/ping/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=66306413&dT=2023-02-09T11%3A03%3A47.248

114 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request forummess.magic.php Show response
www.paladiny.ru/ 30 KB
8 KB 190ms
108ms Document
text/html 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 / PHP/5.3.29-1~dotdeb.0
Resource Hash: fd1b92c599bb32fb246e497421d6acf06399ca23e7023063bcd55c2d7d6c1e74

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 7201
Content-Type: text/html; charset=CP1251
Date: Thu, 09 Feb 2023 10:38:29 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Thu, 09 Feb 2023 10:38:29 GMT
Pragma: no-cache
Server: nginx/1.9.2
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.29-1~dotdeb.0

GET
H/1.1 200
OK main.css
www.paladiny.ru/js/ 8 KB
8 KB 82ms
45ms Stylesheet
text/css 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paladiny.ru/js/main.css
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 36d71a4322b43e8bc7f079e0e9ff676e97ac8af955332e30de9d513e0ca8b861

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:32:27 GMT
Server: nginx/1.9.2
ETag: "4865080b-1e84"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7812

GET
H/1.1 200
OK logo.jpg
www.paladiny.ru/pics/ 23 KB
23 KB 90ms
44ms Image
image/jpeg 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/logo.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: da3aac110278116dac2ac2359465f8c511d12cee712ca74e828350e891c92846

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:18 GMT
Server: nginx/1.9.2
ETag: "4865087a-5ac8"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23240

GET
H/1.1 200
OK pob.gif
www.paladiny.ru/pics/ 1 KB
1 KB 57ms
51ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/pob.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: d251101f3039f702bd870b1e4ae92addc42f895f3f9699f0d1341aaed075c47f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:22 GMT
Server: nginx/1.9.2
ETag: "4865087e-4eb"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1259

GET
H/1.1 200
OK tmbg.gif
www.paladiny.ru/pics/ 148 B
384 B 55ms
49ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/tmbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 487238b9c9c6d7ade7161ece3909d28315189cddd05644fd918b5b7dc40b0929

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:40:23 GMT
Server: nginx/1.9.2
ETag: "486509e7-94"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 148

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
52 KB 141ms
96ms Script
text/javascript 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0

Protocol

HTTP/1.1

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

0f946a4f332240c27f3e9bec2b91048d71be09f194fb6bc316fad159352e88ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:03:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 52594
X-XSS-Protection: 0
Server: cafe
ETag: 6504994843332398227
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Thu, 09 Feb 2023 11:03:43 GMT

GET
H/1.1 200
OK spacer.gif
www.paladiny.ru/pics/ 43 B
278 B 223ms
54ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/spacer.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 74e51ad76a9c144a79ddce4488618495769b9c3af5b6ff4651315545850ae3a2

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:40:21 GMT
Server: nginx/1.9.2
ETag: "486509e5-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H/1.1 200
OK lmli.gif
www.paladiny.ru/pics/ 104 B
340 B 280ms
46ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmli.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 46612b2c33d8502a26bef927b364c85ba1bd5e8c9491bb9c369ec9d8900682ba

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:16 GMT
Server: nginx/1.9.2
ETag: "48650878-68"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104

GET
H/1.1 200
OK new.gif
www.paladiny.ru/images/ 3 KB
3 KB 278ms
45ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/new.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 0e10f07e21bdc3acceb8b6163bc8d6f749147a15abde39f6d65f5eae72d4e404

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:34 GMT
Server: nginx/1.9.2
ETag: "4865079a-a8a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2698

GET
H/1.1 200
OK lmenurt.gif
www.paladiny.ru/pics/ 281 B
518 B 189ms
57ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmenurt.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: e2ed7d372b4df9b6132f8bc5ee9534994a37790e9f8612c89de3131ac0a3ee76

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:16 GMT
Server: nginx/1.9.2
ETag: "48650878-119"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 281

GET
H/1.1 200
OK txttbg.gif
www.paladiny.ru/pics/ 1 KB
1 KB 97ms
69ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/txttbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: cfdbae1c302cf3e3cf68a0b9a049503fbec2165e1ee9b783bc67b7c4deb657c7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:40:24 GMT
Server: nginx/1.9.2
ETag: "486509e8-453"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1107

GET
H/1.1 200
OK folder.gif
www.paladiny.ru/pics/forum/ 344 B
581 B 190ms
58ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/forum/folder.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 6e9cd72c5eb9526358e9607329dc1b35f4b80b8ce688ca6dc5ed97dd38728898

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:09 GMT
Server: nginx/1.9.2
ETag: "48650871-158"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 344

GET
H2

200

top100.jcn Show response
counter.rambler.ru/
Redirect Chain

http://counter.rambler.ru/top100.jcn?1449916
https://counter.rambler.ru/top100.jcn?1449916

102 KB
102 KB

245ms
126ms

Script
application/javascript

81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.rambler.ru/top100.jcn?1449916
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 5dd862a9779d4985cdecf34869460a2b27364f97e84e152d062e7d6846b10f59

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: application/octet-stream, application/javascript
date: Thu, 09 Feb 2023 11:03:43 GMT
server: nginx/1.19.4
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

Redirect headers

Date: Thu, 09 Feb 2023 11:03:43 GMT
Server: nginx/1.19.4
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://counter.rambler.ru/top100.jcn?1449916
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 171

GET
H2 200 5291.js Show response
cdn-rtb.sape.ru/teasers/js/291/2/ 101 KB
42 KB 422ms
190ms Script
application/javascript 185.12.127.130
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/teasers/js/291/2/5291.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.12.127.130 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

Software

openresty /

Resource Hash

8263cc71b2efe8c428707aba20e1724c1609d6f908f294a07550d7933e622c32

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:43 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 09 Feb 2023 02:06:20 GMT
server: openresty
x-amz-request-id: 1742072410EF6163
etag: W/"be48c37af06ce0aa51587ada570d3394"
x-cache-status: REVALIDATED
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=3600
x-xss-protection: 1; mode=block
expires: Thu, 09 Feb 2023 12:03:43 GMT

GET
H/1.1 200
OK orden.gif
www.paladiny.ru/pics/ 734 B
971 B 54ms
53ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/orden.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: aba4852dfc7b5f2bafef02200c329f1cb1ae85786eb6c359efc8b05bc3b2e59f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:20 GMT
Server: nginx/1.9.2
ETag: "4865087c-2de"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 734

GET
H/1.1 200
OK dbg.gif
www.paladiny.ru/pics/ 1 KB
1 KB 116ms
62ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/dbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: ae1401ab4ddd9845a325bf809e93499c7d8bc0a52e8f032f206da67272aabcc0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:04 GMT
Server: nginx/1.9.2
ETag: "4865086c-447"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1095

GET
H/1.1 200
OK topbg.gif
www.paladiny.ru/pics/ 2 KB
2 KB 105ms
56ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/topbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 9136d411ae25e3b6095f96a4dd7a8e6e88d42af73d49bf7f447a53cf494913dc

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:40:24 GMT
Server: nginx/1.9.2
ETag: "486509e8-911"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2321

GET
H/1.1 200
OK loginbg.jpg
www.paladiny.ru/pics/ 5 KB
5 KB 110ms
60ms Image
image/jpeg 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/loginbg.jpg
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: fd7bd8899129d916ffbfa0b67e14f6dde1fd46008f042ef00dfbd7dd99361511

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:16 GMT
Server: nginx/1.9.2
ETag: "48650878-137a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4986

GET
H/1.1 200
OK lmenubg.gif
www.paladiny.ru/pics/ 75 B
310 B 114ms
64ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmenubg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: f1533d88066cf986a9dd24c2ada9e9386cbdd29793e1448af235bac55a16dbb0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:14 GMT
Server: nginx/1.9.2
ETag: "48650876-4b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75

GET
H/1.1 200
OK lmenuhbg.gif
www.paladiny.ru/pics/ 3 KB
4 KB 120ms
66ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmenuhbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: a13fa404297bf52896c2e3ddda49891e7f23c268d43a1cf04a03a2b02e32ad54

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:14 GMT
Server: nginx/1.9.2
ETag: "48650876-d30"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3376

GET
H/1.1 200
OK inf1.gif
www.paladiny.ru/images/img/ 78 B
313 B 190ms
58ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/images/img/inf1.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: 40ed9971456e7552b7bcc66b4a048f01579b9c058293947df3abf9e23ce7e34c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:30:27 GMT
Server: nginx/1.9.2
ETag: "48650793-4e"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78

GET
H/1.1 200
OK lmenurbg.gif
www.paladiny.ru/pics/ 63 B
298 B 189ms
57ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/lmenurbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: df1c3706de99045e28932083d74815c3bc1330c57de9c861e5f4e5de88ae70e4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:34:15 GMT
Server: nginx/1.9.2
ETag: "48650877-3f"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63

GET
H/1.1 200
OK blbg.gif
www.paladiny.ru/pics/ 562 B
799 B 188ms
57ms Image
image/gif 146.185.148.189
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.paladiny.ru/pics/blbg.gif
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/js/main.css
Protocol: HTTP/1.1
Server: 146.185.148.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: nihost.ru
Software: nginx/1.9.2 /
Resource Hash: c5da2474740f8762021661a2d791f5d348e1109d60b0b11c319bddb16d089836

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/js/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 10:38:29 GMT
Last-Modified: Fri, 27 Jun 2008 15:33:14 GMT
Server: nginx/1.9.2
ETag: "4865083a-232"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 562

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301310101/ 362 KB
119 KB 198ms
100ms Script
text/javascript 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5035092129732437&plah=www.paladiny.ru&bust=31072294

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

28164286b68f01dd1fc361a07c900fa3a131973c9db023b2d9d30abe6a9a030a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121511
x-xss-protection: 0
server: cafe
etag: 9964618468573742148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 Feb 2023 11:03:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/ Frame 1C58 10 KB
5 KB 210ms
43ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 58339
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 18:51:24 GMT
etag: 10353107486223812946
expires: Wed, 22 Feb 2023 18:51:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 595 B
992 B 73ms
59ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=1449916&session_id=29769363_1675940623665&session_number=1&session_event_number=1&version=3.13.8i&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.1449916.1573421654.1675940623664&adtech_uid=6b3baf13-019f-4f0e-9846-ff25d64bb5f2&adtech_uid_scope=paladiny.ru&fingerprint=pA8AAENKs1d4eHoGAQfi5QA%3D&url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&request_id=1675940623.663-355450139&event_id=757162366984390&meta=%7B%22title%22%3A%22%D0%A4%D0%BE%D1%80%D1%83%D0%BC%3A%20%D0%9E%D0%B1%D0%BE%20%D0%B2%D1%81%D1%91%D0%BC%3A%20%D0%93%D0%B4%D0%B5%20%D0%BF%D0%BE%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%220%22%7D&rn=1215335161
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 16a992224a960c618cc1c18e44a4b6301a665cad4039374421247a353bd9db75

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:43 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
server: nginx/1.19.4
x-srv: 2kraken-prod0001.ad.rambler.tech
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 595

GET
H2 200 /
kraken.rambler.ru/cnt/ 595 B
992 B 58ms
44ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&v=3.13.8i&pid=1449916&tid=t1.1449916.1573421654.1675940623664&rid=1675940623.663-355450139&fid=pA8AAENKs1d4eHoGAQfi5QA%3D&eid=942262366883960&aduid=6b3baf13-019f-4f0e-9846-ff25d64bb5f2&aduidsc=paladiny.ru&stid=29769363_1675940623665&sn=1&sen=1&ce=1&bs=1600x1200&rf&en=windows-1251&pt=%D0%A4%D0%BE%D1%80%D1%83%D0%BC%3A%20%D0%9E%D0%B1%D0%BE%20%D0%B2%D1%81%D1%91%D0%BC%3A%20%D0%93%D0%B4%D0%B5%20%D0%BF%D0%BE%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&le=0&ct=web&url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1600713802
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 16a992224a960c618cc1c18e44a4b6301a665cad4039374421247a353bd9db75

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:43 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
server: nginx/1.19.4
x-srv: 2kraken-prod0001.ad.rambler.tech
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 595

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

http://d4.c1.b4.a1.top.list.ru/counter?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.9151860070646785
https://top-fwz1.mail.ru/counter?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.9151860070646785;ver=30
https://top-fwz1.mail.ru/counter2?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.9151860070646785;ver=30

579 B
1 KB

50ms
48ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.9151860070646785;ver=30

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

741375704b2818352ff5e6c508b71dfcae58013fe935753d25a8c1c6c67c912b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:44 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 579
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Thu, 09 Feb 2023 11:03:44 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=1315949;t=57;js=13;r=;j=false;s=1600*1200;d=24;rand=0.9151860070646785;ver=30
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
605 B 156ms
58ms Script
text/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.paladiny.ru&callback=_gfp_s_&client=ca-pub-5035092129732437

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5035092129732437&plah=www.paladiny.ru&bust=31072294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

53b349a0b900f4691c34e12931916b41e3c3bb30181bdcb4ff7618f5fdf3cda0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
531 B 163ms
60ms Script
application/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.paladiny.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 164ms
61ms Script
application/javascript 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.paladiny.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C60 430 B
405 B 220ms
219ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&h=600&slotname=1332047107&adk=1460880071&adf=2290519548&pi=t.ma~as.1332047107&w=160&lmt=1675939109&format=160x600&url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&wgl=1&dt=1675940623359&bpp=6&bdt=397&idt=342&shv=r20230207&mjsv=m202301310101&ptt=9&saldr=aa&abxe=1&correlator=880080748594&frm=20&pv=2&ga_vid=388564781.1675940624&ga_sid=1675940624&ga_hid=132670522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31072294&oid=2&pvsid=3487259986629793&tmod=776354890&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bKSqYGggY0&p=http%3A//www.paladiny.ru&dtd=580

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

0a3fc662c48f76f65dd1f7804fe5e8c7797762acb1106e3eabf6b972fb5c0aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:03:44 GMT
expires: Thu, 09 Feb 2023 11:03:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aci.js Show response
www.acint.net/ 24 KB
8 KB 183ms
58ms Script
application/x-javascript 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/291/2/5291.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: eaba4c606dbd8ce6ad26a8bb999d30e855f8c1c5e194dc675b459c60679e8cb0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:44 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 13:54:08 GMT
server: openresty
etag: "63dbc080-1e68"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7784
expires: Thu, 09 Feb 2023 23:03:44 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3793 207 KB
53 KB 391ms
390ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5035092129732437&output=html&adk=1812271804&adf=3025194257&lmt=1675939109&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&ea=0&pra=7&wgl=1&dt=1675940623963&bpp=3&bdt=1001&idt=3&shv=r20230207&mjsv=m202301310101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=880080748594&frm=20&pv=1&ga_vid=388564781.1675940624&ga_sid=1675940624&ga_hid=132670522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31072294&oid=2&pvsid=3487259986629793&tmod=776354890&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=19

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

30ee3b9414b3b7368ab7d4e7b571f2c4c0e841e32911497a84798e283f172064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 54042
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:03:44 GMT
expires: Thu, 09 Feb 2023 11:03:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
587 B 228ms
136ms Script
application/javascript 193.3.184.212
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_63e4d30ff_28096299&srtbid=5291&scids=161201908,164073619&sx=1600&sy=2276&ref=&u=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&allimps=1&fl=0&v=3&tz=%2B00%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/291/2/5291.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.212 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: a59acdbcb51f14636fb0d8aed572f48bb964eb4cacf99f6fbb294ed422e591c9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:03:44 GMT
Content-Encoding: gzip
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 50
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 162 KB
57 KB 380ms
149ms Script
application/javascript 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/291/2/5291.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

28e61bfe4ec59cb82441109a6d54ee0bd7178bb3f9c0c27fb0e62bc31e2b4bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-e31c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58140
expires: Thu, 09 Feb 2023 12:03:44 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
342 B 143ms
52ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A1196%7D&sid=63e4d30f-f645-a0sl-ozpq-5l4mqarmnagd&ref=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=1675940624
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
340 B 222ms
131ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A13499%2C%22ev%22%3A%22loadFree%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=63e4d30f-f645-a0sl-ozpq-5l4mqarmnagd&ref=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=1675940624
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
340 B 216ms
126ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=5291.13499.161201908.0.0.0&sid=63e4d30f-f645-a0sl-ozpq-5l4mqarmnagd&ref=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=1675940624
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
341 B 218ms
128ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A13499%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=63e4d30f-f645-a0sl-ozpq-5l4mqarmnagd&ref=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=1675940624
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
340 B 222ms
133ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A692898%2C%22ev%22%3A%22loadFree%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=63e4d30f-f645-a0sl-ozpq-5l4mqarmnagd&ref=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=1675940624
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 54ms
50ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=5291.692898.164073619.0.0.0&sid=63e4d30f-f645-a0sl-ozpq-5l4mqarmnagd&ref=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=1675940624
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 55ms
51ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A692898%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=63e4d30f-f645-a0sl-ozpq-5l4mqarmnagd&ref=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=1675940624
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame EEBD
Redirect Chain

http://www.acint.net/mc/?dp=14
https://www.acint.net/mc/?dp=14

4 KB
4 KB

49ms
44ms

Document
text/html

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=14
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: 628f760ac64a37c0b9c0c55fa5e5a70343b90a87decd05889c72571253d29818

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 09 Feb 2023 11:03:44 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

Connection: keep-alive
Content-Length: 142
Content-Type: text/html
Date: Thu, 09 Feb 2023 11:03:44 GMT
Location: https://www.acint.net/mc/?dp=14
Server: openresty

GET
H2

200

oci.js Show response
www.acint.net/
Redirect Chain

http://www.acint.net/oci.js?t=1675940624249
https://www.acint.net/oci.js?t=1675940624249

31 KB
14 KB

47ms
45ms

Script
application/x-javascript

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/oci.js?t=1675940624249
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: 8383d899b4b78414edd75f2b16662f7235dfd02144466f31f27b35332d5f2f97

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:44 GMT
content-encoding: gzip
last-modified: Mon, 09 Jan 2023 08:01:12 GMT
server: openresty
etag: W/"63bbc9c8-7dac"
content-type: application/x-javascript

Redirect headers

Location: https://www.acint.net/oci.js?t=1675940624249
Date: Thu, 09 Feb 2023 11:03:44 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=22028536&u=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=&rs=...
https://www.acint.net/hit/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=22028536&u=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=&rs...

43 B
224 B

43ms
42ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=22028536&u=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=&rs=1600x1200&t=%D0%A4%D0%BE%D1%80%D1%83%D0%BC%3A%20%D0%9E%D0%B1%D0%BE%20%D0%B2%D1%81%D1%91%D0%BC%3A%20%D0%93%D0%B4%D0%B5%20%D0%BF%D0%BE%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&oE=1&oP=1&dT=2023-02-09T11%3A03%3A44.241&fu=abad7aaa-c7e4-4ea8-ab53-b3312237a928
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=22028536&u=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=&rs=1600x1200&t=%D0%A4%D0%BE%D1%80%D1%83%D0%BC%3A%20%D0%9E%D0%B1%D0%BE%20%D0%B2%D1%81%D1%91%D0%BC%3A%20%D0%93%D0%B4%D0%B5%20%D0%BF%D0%BE%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&oE=1&oP=1&dT=2023-02-09T11%3A03%3A44.241&fu=abad7aaa-c7e4-4ea8-ab53-b3312237a928
Date: Thu, 09 Feb 2023 11:03:44 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 56ms
44ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=5291.13499.161201908.0.0.0&sid=63e4d30f-f645-a0sl-ozpq-5l4mqarmnagd&ref=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=1675940624
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
DATA 200
OK truncated
/ 612 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74dcd398eafd7dbc3d07b76625839f63f464de97b26adca97ac30883cf79b0d9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 56ms
45ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A13499%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=63e4d30f-f645-a0sl-ozpq-5l4mqarmnagd&ref=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=1675940624
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 57ms
46ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A13499%2C%22ev%22%3A%22stub%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=63e4d30f-f645-a0sl-ozpq-5l4mqarmnagd&ref=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=1675940624
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 47ms
45ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=5291.692898.164073619.0.0.0&sid=63e4d30f-f645-a0sl-ozpq-5l4mqarmnagd&ref=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=1675940624
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 48ms
47ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A5291%2C%22sc%22%3A0%2C%22pl%22%3A692898%2C%22ev%22%3A%22stub%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=63e4d30f-f645-a0sl-ozpq-5l4mqarmnagd&ref=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&r=1675940624
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301310101/ 150 KB
51 KB 95ms
93ms Script
text/javascript 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301310101/reactive_library_fy2021.js?bust=31072294

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

5c3ddff3d745944937fcb213034b19a846ee081eda10726f252e165d2538bf94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52261
x-xss-protection: 0
server: cafe
etag: 839180827760499524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Feb 2023 11:03:44 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame EEBD
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F10D3E463B200A2500206C1DB
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F10D3E463B200A2500206C1DB&crf=1

68 B
607 B

51ms
51ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F10D3E463B200A2500206C1DB&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007F10D3E463B200A2500206C1DB&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame EEBD
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=1C03420A10D3E4632200209D025FA71D

43 B
269 B

132ms
97ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=1C03420A10D3E4632200209D025FA71D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:44 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Thu, 09 Feb 2023 11:03:44 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=1C03420A10D3E4632200209D025FA71D
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame EEBD
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F10D3E463B200A2500206C1DB
https://px.adhigh.net/p/cm/sape?u=0100007F10D3E463B200A2500206C1DB&bounced=1
https://acint.net/match?dp=17&euid=u70yg4mvtNml.AikABlGGNdh6CA

43 B
269 B

71ms
71ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=u70yg4mvtNml.AikABlGGNdh6CA
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:03:44 GMT
server: nginx
x-backend-id: f14-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://acint.net/match?dp=17&euid=u70yg4mvtNml.AikABlGGNdh6CA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cm.gif
ad.mail.ru/ Frame EEBD 43 B
302 B 372ms
80ms Image
image/gif 95.163.41.56
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F10D3E463B200A2500206C1DB
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.163.41.56 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: r.mail.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:44 GMT
last-modified: Thu, 09 Feb 2023 11:03:44 GMT
server: nginx
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
content-type: image/gif
cache-control: max-age=21600
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 43
expires: Thu, 09 Feb 2023 17:03:44 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame EEBD
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4776700879
https://www.acint.net/rmatch?dp=45&euid=AYdBxGYbMjOPXeaoaHiaO_Q&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F10D3E463B200A2500206C1DB

42 B
201 B

309ms
72ms

Image
image/gif

81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F10D3E463B200A2500206C1DB
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:03:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Thu, 09 Feb 2023 11:03:45 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F10D3E463B200A2500206C1DB
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame EEBD 0
775 B 209ms
91ms Image
text/plain 172.67.217.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=Sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpNe1JvFlsiOros%2BljeQSCKeDfhS9exlqMk%2FFiWtD4enD8M5YG8P4ocbKvNx5%2F%2FTDqKba8fUxLESsEv3ntvhkip7QUvB8Kk7K4ngrrIZQM4zQKEmEcXvo5D9XBrd8AQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 796c1ec88af03bcb-WAW
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 match
dm-eu.hybrid.ai/ Frame EEBD 0
282 B 247ms
104ms Image
text/plain 37.18.103.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007F10D3E463B200A2500206C1DB

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.22 , Netherlands, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:03:44 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://www.acint.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 526
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame EEBD 3 KB
3 KB 354ms
64ms Script
application/javascript 185.15.175.131
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.131 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:03:44 GMT
Last-Modified: Thu, 09 Feb 2023 10:34:34 GMT
Server: nginx
ETag: "63e4cc3a-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame EEBD 0
70 B 382ms
91ms Image
text/plain 116.202.85.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F10D3E463B200A2500206C1DB
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.85.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.85.202.116.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Feb 2023 11:03:44 GMT
server: nginx/1.17.10

GET
H2

200

match
www.acint.net/ Frame EEBD
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://www.acint.net/match?dp=71&euid=c97d5c8d-6625-4eb2-b956-c70aa3630564

43 B
269 B

99ms
45ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=c97d5c8d-6625-4eb2-b956-c70aa3630564
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Thu, 09 Feb 2023 11:03:45 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://www.acint.net/match?dp=71&euid=c97d5c8d-6625-4eb2-b956-c70aa3630564
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame EEBD 42 B
201 B 392ms
152ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F10D3E463B200A2500206C1DB
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:03:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame EEBD
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=PBCSSPRR

43 B
269 B

111ms
110ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=PBCSSPRR
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=PBCSSPRR
Date: Thu, 09 Feb 2023 11:03:45 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 74
Content-Type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame EEBD
Redirect Chain

https://sync.adspend.space/sape?uid=0100007F10D3E463B200A2500206C1DB
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3De194715e-3894-4ffa-88b4-9185f49bc739
https://www.acint.net/match?dp=98&euid=e194715e-3894-4ffa-88b4-9185f49bc739

43 B
269 B

96ms
44ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=98&euid=e194715e-3894-4ffa-88b4-9185f49bc739
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=98&euid=e194715e-3894-4ffa-88b4-9185f49bc739
date: Thu, 09 Feb 2023 11:03:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 102
content-type: text/html; charset=utf-8

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame EEBD 12 B
155 B 296ms
144ms Image
text/html 87.242.89.90
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F10D3E463B200A2500206C1DB
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:45 GMT
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
server: elb
accept-ranges: bytes
etag: "63d8131e-c"
content-length: 12
content-type: text/html

GET
H2

200

match
www.acint.net/ Frame EEBD
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=aBX7MOvQQE62

43 B
269 B

49ms
48ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=aBX7MOvQQE62
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=aBX7MOvQQE62
Date: Thu, 09 Feb 2023 11:03:45 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame EEBD
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=ac80b17c-a83d-5228-899e-857cea7a566c

43 B
269 B

118ms
117ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=ac80b17c-a83d-5228-899e-857cea7a566c
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=ac80b17c-a83d-5228-899e-857cea7a566c
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame EEBD
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=38e0500cf188436d89e2940f2f474633

43 B
269 B

49ms
48ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=38e0500cf188436d89e2940f2f474633
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=38e0500cf188436d89e2940f2f474633
date: Thu, 09 Feb 2023 11:03:44 GMT
server: Microsoft-IIS/10.0

GET
H2

200

match
www.acint.net/ Frame EEBD
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F10D3E463B200A2500206C1DB
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F10D3E463B200A2500206C1DB
https://tech.rtb.mts.ru/?dsp_uid=bd217a8e-ac17-4fa1-a99f-8fe38e608fb6&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FvSF6jqwXT6Gpn4_jjmCPtg%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/vSF6jqwXT6Gpn4_jjmCPtg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=184223085
https://sm.rtb.mts.ru/em?next=30&em=0
https://www.acint.net/match?dp=125&euid=bd217a8e-ac17-4fa1-a99f-8fe38e608fb6

43 B
269 B

48ms
42ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=125&euid=bd217a8e-ac17-4fa1-a99f-8fe38e608fb6
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Thu, 09 Feb 2023 11:03:46 GMT
Server: nginx
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Location: https://www.acint.net/match?dp=125&euid=bd217a8e-ac17-4fa1-a99f-8fe38e608fb6
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame EEBD
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=b429c851-1eb9-4b07-4a37-bf97c9ba7034

43 B
269 B

44ms
44ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=b429c851-1eb9-4b07-4a37-bf97c9ba7034
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=b429c851-1eb9-4b07-4a37-bf97c9ba7034
date: Thu, 09 Feb 2023 11:03:46 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame EEBD
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0100007F10D3E463B200A2500206C1DB
https://www.acint.net/match?dp=127&euid=DfgeJUyhWE9S8a0SSq9I

43 B
269 B

81ms
44ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=DfgeJUyhWE9S8a0SSq9I
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=DfgeJUyhWE9S8a0SSq9I
date: Thu, 09 Feb 2023 11:03:45 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
www.acint.net/ Frame EEBD
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=l8y198uksj

43 B
269 B

79ms
35ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=l8y198uksj
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:03:45 GMT
server: nginx/1.22.0
surrogate-control: no-store
vary: Origin
access-control-allow-origin: *
location: https://www.acint.net/match?dp=129&euid=l8y198uksj
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 4f053c2c-ef99-40c7-9e0f-0e5e1c21a46f
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame EEBD 0
215 B 454ms
70ms Image
text/plain 217.65.2.150
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F10D3E463B200A2500206C1DB
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Feb 2023 11:03:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2

204

0.gif
x01.aidata.io/ Frame EEBD
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F10D3E463B200A2500206C1DB
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F10D3E463B200A2500206C1DB&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
433 B

49ms
48ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:03:46 GMT
last-modified: Thu, 09 Feb 2023 11:03:45 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Thu, 09 Feb 2023 11:03:45 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Thu, 09 Feb 2023 11:03:46 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 324
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

sape.js
sync.gonet-ads.com/match/ Frame EEBD
Redirect Chain

https://sync.gonet-ads.com/match/sape.js?id=0100007F10D3E463B200A2500206C1DB
https://sync.gonet-ads.com/match/sape.js?id=0100007F10D3E463B200A2500206C1DB&chk=1

342 B
342 B

141ms
140ms

Image
application/javascript

188.42.105.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.gonet-ads.com/match/sape.js?id=0100007F10D3E463B200A2500206C1DB&chk=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Server

188.42.105.220 , Luxembourg, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

Redirect headers

date: Thu, 09 Feb 2023 11:03:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
location: https://sync.gonet-ads.com/match/sape.js?id=0100007F10D3E463B200A2500206C1DB&chk=1
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame EEBD
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0100007F10D3E463B200A2500206C1DB
https://sync.bumlam.com/?src=sap1&s_data=CAIQARiRppOfBmIgMDEwMDAwN0YxMEQzRTQ2M0IyMDBBMjUwMDIwNkMxREKiARBsIUhWqGkR7YbgACWQwGR8

0
523 B

112ms
45ms

Image
text/html

31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARiRppOfBmIgMDEwMDAwN0YxMEQzRTQ2M0IyMDBBMjUwMDIwNkMxREKiARBsIUhWqGkR7YbgACWQwGR8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Server: 31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Thu, 09 Feb 2023 11:03:45 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Thu, 09 Feb 2023 11:03:45 GMT
Server: nginx
ETag: 6c214856-a869-11ed-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiRppOfBmIgMDEwMDAwN0YxMEQzRTQ2M0IyMDBBMjUwMDIwNkMxREKiARBsIUhWqGkR7YbgACWQwGR8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET

/
6c214856-a869-11ed-86e0-002590c0647c.n7.sync.bumlam.com/ Frame EEBD
Redirect Chain

https://pix.bumlam.com/sync/sape/check?sspuid=0100007F10D3E463B200A2500206C1DB
https://sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/sync_ok?guid=6c214856-a869-11ed-86e0-002590c0647c
https://6c214856-a869-11ed-86e0-002590c0647c.n7.sync.bumlam.com/?src=sape

0
0

GET
H2 200 0100007F10D3E463B200A2500206C1DB
an.yandex.ru/mapuid/sapeis/ Frame EEBD 43 B
387 B 591ms
64ms Image
image/gif 93.158.134.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F10D3E463B200A2500206C1DB

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:03:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 09 Feb 2023 11:03:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 09 Feb 2023 11:03:45 GMT

GET
H/1.1 200
OK cm
nr.bidderstack.com/sape/ Frame EEBD 44 B
224 B 273ms
119ms Image
image/gif 23.88.12.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr.bidderstack.com/sape/cm?user_id=0100007F10D3E463B200A2500206C1DB
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.88.12.14 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.14.12.88.23.clients.your-server.de
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:03:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 44
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame EEBD
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=0100007F10D3E463B200A2500206C1DB
https://www.acint.net/match?dp=186&euid=3e63e46b-57f8-4c2a-b9c3-fc767f1bedb7

43 B
269 B

102ms
101ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=3e63e46b-57f8-4c2a-b9c3-fc767f1bedb7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Thu, 09 Feb 2023 11:03:45 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=3e63e46b-57f8-4c2a-b9c3-fc767f1bedb7
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 400
Bad Request user-sync
sync.adkernel.com/ Frame EEBD 22 B
22 B 327ms
83ms Image
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Feb 2023 11:03:46 GMT
Cache-Control: no-store
Server: nginx
Connection: close
Age: 0
Content-Length: 22

GET
H2

200

RTBSape
sync.programmatica.com/match/ Frame EEBD
Redirect Chain

https://sync.programmatica.com/match/RTBSape?id=0100007F10D3E463B200A2500206C1DB
https://sync.programmatica.com/match/RTBSape?id=0100007F10D3E463B200A2500206C1DB&chk=1

43 B
260 B

57ms
51ms

Image
image/gif

167.235.117.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.programmatica.com/match/RTBSape?id=0100007F10D3E463B200A2500206C1DB&chk=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Server

167.235.117.41 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.41.117.235.167.clients.your-server.de

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.programmatica.com/match/RTBSape?id=0100007F10D3E463B200A2500206C1DB&chk=1
date: Thu, 09 Feb 2023 11:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/71281900/
Redirect Chain

https://mc.yandex.ru/watch/71281900?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&browser-inf...
https://mc.yandex.ru/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&browser-i...

428 B
483 B

93ms
92ms

XHR
application/json

87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A348%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A716529493898%3Ahid%3A880395513%3Az%3A0%3Ai%3A20230209110344%3Aet%3A1675940625%3Ac%3A1%3Arn%3A866988473%3Arqn%3A1%3Au%3A16759406251021875446%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A37%2C45%2C108%2C45%2C%2C0%2C%2C962%2C35%2C%2C%2C%2C1199%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675940622764%3Arqnl%3A1%3Ast%3A1675940625%3At%3A%D0%A4%D0%BE%D1%80%D1%83%D0%BC%3A%20%D0%9E%D0%B1%D0%BE%20%D0%B2%D1%81%D1%91%D0%BC%3A%20%D0%93%D0%B4%D0%B5%20%D0%BF%D0%BE%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0

Protocol

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

e0b62efbecd5715ccfb25631dad2a14efd3ff969eaaddfa5e827100a2fefa881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:03:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 09-Feb-2023 11:03:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.paladiny.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Thu, 09-Feb-2023 11:03:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:03:44 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09-Feb-2023 11:03:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&charset=utf-8&site-info=%7B%22site_id%22%3A5291%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A348%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A716529493898%3Ahid%3A880395513%3Az%3A0%3Ai%3A20230209110344%3Aet%3A1675940625%3Ac%3A1%3Arn%3A866988473%3Arqn%3A1%3Au%3A16759406251021875446%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A37%2C45%2C108%2C45%2C%2C0%2C%2C962%2C35%2C%2C%2C%2C1199%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675940622764%3Arqnl%3A1%3Ast%3A1675940625%3At%3A%D0%A4%D0%BE%D1%80%D1%83%D0%BC%3A%20%D0%9E%D0%B1%D0%BE%20%D0%B2%D1%81%D1%91%D0%BC%3A%20%D0%93%D0%B4%D0%B5%20%D0%BF%D0%BE%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://www.paladiny.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 09-Feb-2023 11:03:44 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/91568663/
Redirect Chain

https://mc.yandex.ru/watch/91568663?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2263e4d30f-f645-a...
https://mc.yandex.ru/watch/91568663/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2263e4d30f-f645...

435 B
518 B

92ms
92ms

XHR
application/json

87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/91568663/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2263e4d30f-f645-a0sl-ozpq-5l4mqarmnagd%22%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A348%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A374357609835%3Ahid%3A880395513%3Az%3A0%3Ai%3A20230209110344%3Aet%3A1675940625%3Ac%3A1%3Arn%3A642638660%3Arqn%3A1%3Au%3A16759406251021875446%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A37%2C45%2C108%2C45%2C%2C0%2C%2C962%2C35%2C%2C%2C%2C1199%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675940622764%3Arqnl%3A1%3Ast%3A1675940625%3At%3A%D0%A4%D0%BE%D1%80%D1%83%D0%BC%3A%20%D0%9E%D0%B1%D0%BE%20%D0%B2%D1%81%D1%91%D0%BC%3A%20%D0%93%D0%B4%D0%B5%20%D0%BF%D0%BE%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0

Protocol

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

bfc9e29fe3855562270904a8fb4df7444e8e346c41495c10138ffc3d7c65d0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:03:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 09-Feb-2023 11:03:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.paladiny.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Thu, 09-Feb-2023 11:03:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:03:44 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09-Feb-2023 11:03:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/91568663/1?wmode=7&page-url=http%3A%2F%2Fwww.paladiny.ru%2Fforummess.magic.php%3FTopicID%3D22487%26Offset%3D0&charset=utf-8&site-info=%7B%22srtb_sid%22%3A%2263e4d30f-f645-a0sl-ozpq-5l4mqarmnagd%22%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A348%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A374357609835%3Ahid%3A880395513%3Az%3A0%3Ai%3A20230209110344%3Aet%3A1675940625%3Ac%3A1%3Arn%3A642638660%3Arqn%3A1%3Au%3A16759406251021875446%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A37%2C45%2C108%2C45%2C%2C0%2C%2C962%2C35%2C%2C%2C%2C1199%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675940622764%3Arqnl%3A1%3Ast%3A1675940625%3At%3A%D0%A4%D0%BE%D1%80%D1%83%D0%BC%3A%20%D0%9E%D0%B1%D0%BE%20%D0%B2%D1%81%D1%91%D0%BC%3A%20%D0%93%D0%B4%D0%B5%20%D0%BF%D0%BE%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://www.paladiny.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 09-Feb-2023 11:03:44 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
187 B 111ms
101ms Image
image/gif 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:44 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 09 Feb 2023 12:03:44 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
165 B 67ms
66ms Script
application/javascript 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.paladiny.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 80ms
79ms Script
application/javascript 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.paladiny.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/ Frame 6B22 10 KB
4 KB 40ms
39ms Document
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 26950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 03:34:34 GMT
etag: 10353107486223812946
expires: Thu, 23 Feb 2023 03:34:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame EEBD 16 KB
16 KB 169ms
148ms Script
application/javascript 185.15.175.131
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=685591582285781
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.131 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:03:45 GMT
Last-Modified: Thu, 09 Feb 2023 10:34:35 GMT
Server: nginx
ETag: "63e4cc3b-3e14"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15892

GET
H2 200 css2
fonts.googleapis.com/ Frame 6B22 4 KB
1 KB 323ms
62ms Stylesheet
text/css 142.251.39.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f10.1e100.net

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Feb 2023 11:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 10:11:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Feb 2023 11:03:45 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6B22 205 B
295 B 301ms
42ms Image
image/png 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 21:52:38 GMT
x-content-type-options: nosniff
age: 47467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 08 Feb 2024 21:52:38 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6B22 604 B
1 KB 299ms
40ms Image
image/png 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:45:02 GMT
x-content-type-options: nosniff
age: 37123
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Feb 2024 00:45:02 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/elements/html/ Frame 6B22 20 KB
9 KB 301ms
43ms Script
text/javascript 142.250.201.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f1.1e100.net

Software

cafe /

Resource Hash

8825fb2a03439772129529a38dcb7627e31c50fef7e9858b641afab742d060a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 07:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8363
x-xss-protection: 0
server: cafe
etag: 13687106600067785872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Feb 2023 07:08:15 GMT

GET
H2

200

/
www.acint.net/oci/
Redirect Chain

http://www.acint.net/oci/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=03256342&oid=cc832357f3a5bb7e069af0ed5ebf3cee
https://www.acint.net/oci/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=03256342&oid=cc832357f3a5bb7e069af0ed5ebf3cee

43 B
224 B

74ms
74ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/oci/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=03256342&oid=cc832357f3a5bb7e069af0ed5ebf3cee
Requested by: Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/oci/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=03256342&oid=cc832357f3a5bb7e069af0ed5ebf3cee
Date: Thu, 09 Feb 2023 11:03:45 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame F9C1 8 KB
968 B 74ms
73ms Stylesheet
text/css 142.251.39.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f10.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Feb 2023 11:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 10:10:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Feb 2023 11:03:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame F9C1 2 KB
846 B 59ms
58ms Script
text/javascript 142.250.201.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame F9C1 22 KB
9 KB 58ms
54ms Script
text/javascript 142.250.201.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f1.1e100.net

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame F9C1 3 KB
1 KB 91ms
88ms Script
text/javascript 142.250.201.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame F9C1 18 KB
8 KB 58ms
56ms Script
text/javascript 142.250.201.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f1.1e100.net

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:25:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9C1 156 KB
48 KB 438ms
199ms Script
text/javascript 172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f2.1e100.net

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 11:03:45 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame F9C1 33 KB
14 KB 59ms
57ms Script
text/javascript 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 04:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 May 2023 04:54:22 GMT

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 16EE 36 KB
14 KB 93ms
92ms Script
text/javascript 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: www.paladiny.ru
URL: http://www.paladiny.ru/forummess.magic.php?TopicID=22487&Offset=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 14:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 14:27:07 GMT

GET
H2

200

counter
top-fwz1.mail.ru/ Frame EEBD
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=433863878424313.19465417233657&a=77&e=0100007F10D3E463B200A2500206C1DB&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0100007F10D3E463B200A2500206C1DB.syn...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675940626354&i=433863878424313.19465417233657&a=77&e=0100007F10D3E463B200A2500206C1DB&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:...
https://top-fwz1.mail.ru/counter?id=3210372;pid=-xvlreoLuzgPM327TJF1

43 B
874 B

63ms
63ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=-xvlreoLuzgPM327TJF1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Thu, 09 Feb 2023 11:03:46 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 30
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=-xvlreoLuzgPM327TJF1
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

counter
top-fwz1.mail.ru/ Frame EEBD
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=433863878424313.907191123093570&a=77&e=0100007F10D3E463B200A2500206C1DB&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss:77.up:0100007F10D3E463B200A2500206C1DB.sy...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675940626352&i=433863878424313.907191123093570&a=77&e=0100007F10D3E463B200A2500206C1DB&pref=http%3A%2F%2Fwww.paladiny.ru%2F&c=ss...
https://top-fwz1.mail.ru/counter?id=3210372;pid=-xvlreoLuzgPM327TJF1

43 B
872 B

61ms
59ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=-xvlreoLuzgPM327TJF1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Thu, 09 Feb 2023 11:03:46 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 21
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=-xvlreoLuzgPM327TJF1
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 173ms
83ms XHR
application/json 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

acede588e9f65290b48c0dc26838ccc29cccbb295c3522e4eff2aef78f950ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11188
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 437ms
435ms Script
text/javascript 142.250.201.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 11:03:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 068A 13 KB
5 KB 39ms
38ms Document
text/html 142.250.201.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 108564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 04:54:23 GMT
expires: Thu, 08 Feb 2024 04:54:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 925C 783 B
1 KB 274ms
123ms Document
text/html 142.250.180.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f4.1e100.net

Software

GSE /

Resource Hash

8699eba17aa446f696164a3e14a19d1cfe088be49c3b7d6ba3e890e91953a15c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yO7KMfTBsqFcAfm_pStqeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.paladiny.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-yO7KMfTBsqFcAfm_pStqeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:03:47 GMT
expires: Thu, 09 Feb 2023 11:03:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 068A 36 KB
14 KB 76ms
76ms Script
text/javascript 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 14:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 14:27:07 GMT

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=66306413&dT=2023-02-09T11%3A03%3A47.248
https://www.acint.net/ping/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=66306413&dT=2023-02-09T11%3A03%3A47.248

43 B
224 B

83ms
65ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=66306413&dT=2023-02-09T11%3A03%3A47.248
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 09 Feb 2023 11:03:47 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.5.1&uid=6fb10889-a7f3-4149-a338-f6b57c2484df&dp=14&tz=%2B00%3A00&nc=66306413&dT=2023-02-09T11%3A03%3A47.248
Date: Thu, 09 Feb 2023 11:03:47 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 068A 0
10 B 47ms
46ms Image
text/plain 142.250.201.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?H7flmg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s35-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:03:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 925C 0
0 94ms
91ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230207&jk=3487259986629793&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s38-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230207&jk=3487259986629793&bg=!Y2ClYDTNAAaq5O5FiuQ7ADkAdvg8WiQrJ26zLkH4AGNgR6q7N2RYZOwwp0qtlE1e95ZnUNHc_A0NxbXD2WY-n-iuuNLqWu7lOwECAAABIFIAAAAEaAEHmQKYK_1EhA5lwExVqw_B-i6NIq5PfwSzHyDEQuqsrZmACb8Mg59D1WGDjtrh_mv2xVTG1UE6kOgs-YDr4DD5lp8lvEHxmkem78Xw-0q45dXmguCcIlHdZ4Ck_9if7KhsidtJh0w0EM0cDypgId3hKTYD3j_3RC40dj67p4xQQi4U0ZNJHWJL6DnepblsjxRbOGuS6wkNd6wqC4nfwFxb9ySmyo1Yw0DeIKbdE2Z_FcROPneYw7wDQnYKTFouj2JNOxdU8t1pwBFV4mZeEPhEbVNjlUrxuJEcbde32KEB-8RYJ3IHxNTZSh8EOu9VhLIXkRxObQSEBimepHVmogig73Wr7_F2zDvJkoXYL84Wc7Qim7ygQ4qn-BoHKPHlZiBq_at_L2f59UySY-NmZnHA8-bJtM5sAQQqPDrGvnqg5oe_YovdyzvmUALj2ssBn7a0WluoEU81P7j45ABlKSujWa-1UNxBpsmGiPvxYdU2HKy00RUYjvutU1TxeD1RGcFW8A7i2xltQv3BfFfdlQPbgKC_ETJ-UeqPAF3EfBz0EIQJCvhXuOEhT-5AH0iI1KHI-1vBK4cDmqnXnQkypxm3jkx0Zggfv6SOTRYuZ5mYAgpL9OTBdYaXMPe8qWJW7KyasRXX7KeNbWIutp_a4LangKt7rNeFa97WQK4Rnyb50ojDWDUh-KjBinvFoGmluvpJzFjKbINS85_Cr8nJOw4XX_Dgjp6tRVColtrvRSEFPVBrV9iXzcFlHyHudb8pSCUTch-78L9Iqdet3H9zhW7WHF8Jhb5wln-b1VeBgqXGFoKSjiWom8yExlHdzGME4sRXGJrAUUTSMsl9YPafaabgAUJhyNJ_kiwqYh69EvjGlWjyPXDe19jOsO21Kg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s38-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.paladiny.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 6c214856-a869-11ed-86e0-002590c0647c.n7.sync.bumlam.com
URL: https://6c214856-a869-11ed-86e0-002590c0647c.n7.sync.bumlam.com/?src=sape

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.paladiny.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: b1b3d82ab6c443a9439adb24f732dd27
.rambler.ru/	1970-01-20 19:08:20	Name: ruid Value: 1CIAAA/T5GOiuQBXAdUVVQB=
.paladiny.ru/	1970-01-20 18:17:56	Name: adtech_uid Value: 6b3baf13-019f-4f0e-9846-ff25d64bb5f2%3Apaladiny.ru
.paladiny.ru/	1970-01-20 18:17:56	Name: top100_id Value: t1.1449916.1573421654.1675940623664
.paladiny.ru/	1970-01-20 19:08:20	Name: last_visit Value: 1675940623666%3A%3A1675940623666
.paladiny.ru/	1970-01-20 18:17:56	Name: t3_sid_1449916 Value: s1.29769363.1675940623665.1675940623669.1.2
.paladiny.ru/	1970-01-20 18:53:56	Name: __gads Value: ID=830bae6dfffc231a-22db5a86e0db0045:T=1675940624:RT=1675940624:S=ALNI_MbD1Ha1xrMgtYLhjHQ5Ao0GE5xyZw
.paladiny.ru/	1970-01-20 18:53:56	Name: __gpi Value: UID=00000bb2c0eb2f45:T=1675940624:RT=1675940624:S=ALNI_MasE_ODSvEBMXVytp6AVVq3LB-uFQ
.doubleclick.net/	1970-01-20 09:32:21	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 19:08:20	Name: aid Value: fwAAAWPk0xBQogCy28EGAlkjvtv/m4dS61I3ND47vrpuvIjc
.ssp-rtb.sape.ru/	1970-01-20 19:08:20	Name: sspuid Value: CkIDHGPk0xCdIAAiHadfAmwinG8Nq+tEywzKzslEEGyP91eM
www.paladiny.ru/	1970-01-20 19:08:20	Name: fid Value: abad7aaa-c7e4-4ea8-ab53-b3312237a928
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp7v2 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp14v3 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp17 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp32 Value: 1675940624
.acint.net/	1970-01-20 09:33:47	Name: cSyncDp45v3 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp53v2 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp62 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp67v2 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp68 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp71 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp85 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp95v3 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp98v2 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp101 Value: 1675940624
.acint.net/	1970-01-20 09:52:30	Name: cSyncDp104v2 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp107 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp110 Value: 1675940624
.acint.net/	1970-01-20 09:53:56	Name: cSyncDp125v3 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp126 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp127 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp129 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp136v2 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp146 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp148v1 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp149v2 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp151 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp178 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp186 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp221 Value: 1675940624
.acint.net/	1970-01-20 10:15:32	Name: cSyncDp235 Value: 1675940624
.paladiny.ru/	1970-01-20 18:17:56	Name: _ym_uid Value: 16759406251021875446
.paladiny.ru/	1970-01-20 18:17:56	Name: _ym_d Value: 1675940625
.yandex.ru/	1970-01-20 18:17:56	Name: ymex Value: 1707476624.yc.1675940624#1707476624.yrts.1675940624#1707476624.yrtsi.1675940624
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2334173491675940624
.yandex.ru/	1970-01-20 19:08:20	Name: i Value: HN0cIVS3kDWmpSiTTil6AuVFyrkAN1SxyzFSeLVlyXpTlQMcWKvvOowgHCJSDyCXNjAKMJsRzJrSGEdxBu1EcD1YOuE=
.yandex.ru/	1970-01-20 18:17:56	Name: yandexuid Value: 4268391351675940624
.yandex.ru/	1970-01-20 18:17:56	Name: yuidss Value: 4268391351675940624
.betweendigital.com/	1970-01-20 18:17:56	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 18:17:56	Name: tuuid Value: ac80b17c-a83d-5228-899e-857cea7a566c
.betweendigital.com/	1970-01-20 18:17:56	Name: ss Value: 1
.utraff.com/	1970-01-20 10:15:43	Name: preutid Value: 1
.adhigh.net/	1970-01-20 18:17:56	Name: gi_u Value: u70yg4mvtNml.AikABlGGNdh6CA
.upravel.com/	1970-01-20 09:32:20	Name: session_tptc Value: 1675940624909
.paladiny.ru/	1970-01-20 09:33:32	Name: _ym_isad Value: 2
.adriver.ru/	1970-01-20 19:08:20	Name: cid Value: AYdBxGYbMjOPXeaoaHiaO_Q
.adhigh.net/	1970-01-20 18:17:56	Name: sape_sync Value: LKpI
.betweendigital.com/	1970-01-20 18:17:56	Name: ut Value: Y-TTEAAPE2BcrEn0nn94DGUscHsBn_IXW_L2Uw==
sync.adspend.space/	1970-01-20 18:17:56	Name: as-user Value: e194715e-3894-4ffa-88b4-9185f49bc739
.upravel.com/	1970-01-20 19:08:20	Name: user_id Value: c97d5c8d-6625-4eb2-b956-c70aa3630564
www.paladiny.ru/	1970-01-20 19:08:20	Name: _ac_oid Value: cc832357f3a5bb7e069af0ed5ebf3cee%3A1675944225335
.rutarget.ru/	1970-01-20 13:51:32	Name: userId Value: aBX7MOvQQE62
.mts.ru/	1970-01-20 18:04:59	Name: dspid Value: bd217a8e-ac17-4fa1-a99f-8fe38e608fb6
.uuidksinc.net/	1970-01-20 18:17:56	Name: jcsuuid Value: DfgeJUyhWE9S8a0SSq9I
.aidata.io/	1970-01-20 19:08:20	Name: __upin Value: x75PBxVLT1dfNzWMdHSKoA
.aidata.io/	1970-01-20 19:08:20	Name: __upints Value: 1675940625
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.mts.ru/	1970-01-20 19:08:20	Name: mts_id Value: 17e200e7-12ea-4ce4-9e6a-ad8e2406cb8a
.mts.ru/	1970-01-20 19:08:20	Name: mts_id_last_sync Value: 1675940625
x01.aidata.io/	1970-01-20 09:36:39	Name: livin Value: 1
.bumlam.com/	1970-01-20 19:08:20	Name: suuid3 Value: IiQ2YzIxNDg1Ni1hODY5LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
ssp.bidvol.com/	1970-01-20 19:08:20	Name: bvuid Value: l8y198uksj
.gonet-ads.com/	1970-01-20 18:17:56	Name: pid Value: N2YxM2QwNjU2ZDJlYWU1Mg
.agency2.ru/	1970-01-20 18:04:59	Name: uuid Value: 3e63e46b-57f8-4c2a-b9c3-fc767f1bedb7
.an.yandex.ru/	1969-12-31 23:59:59	Name: yabs-dsp Value: mts_banner.dlNGNmpxd1hUNkdwbjRfamptQ1B0Zw==
sync.programmatica.com/	1969-12-31 23:59:59	Name: chk Value: 1
.dmg.digitaltarget.ru/	1970-01-20 19:08:20	Name: viuserid Value: -xvlreoLuzgPM327TJF1
.programmatica.com/	1970-01-20 19:08:20	Name: pid Value: NTFkNTk1YzBiMDhjYTZmZg
.mail.ru/	1970-01-20 18:19:23	Name: VID Value: 1xIZiq1hyB2F00000o1aP4IF:::0-0-0-8ff2bd0:CAASEDznPsECs9i0yjalHxZeX78aYGIGIBxV-Nu70TlT_nJI96U8KvH976je8yvMbT__KCcQtIKHUS1Lr5KPbgAfy-3s_dwQRgSadM2kZe68NMVqkn9R6T_yFN3hhoZ4nnE3y1RRZAgQJucZk4uByJ4VrIm5Xg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://6c214856-a869-11ed-86e0-002590c0647c.n7.sync.bumlam.com/?src=sape Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6c214856-a869-11ed-86e0-002590c0647c.n7.sync.bumlam.com
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
ads.adlook.me
ads.betweendigital.com
adservice.google.com
adservice.google.pl
an.yandex.ru
cdn-rtb.sape.ru
counter.rambler.ru
counter.yadro.ru
cs.agency2.ru
d4.c1.b4.a1.top.list.ru
dm-eu.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fonts.googleapis.com
googleads.g.doubleclick.net
kraken.rambler.ru
match.new-programmatic.com
mc.yandex.ru
nr.bidderstack.com
pagead2.googlesyndication.com
partner.googleadservices.com
px.adhigh.net
s.uuidksinc.net
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
sync.1dmp.io
sync.adkernel.com
sync.adspend.space
sync.bumlam.com
sync.dmp.otm-r.com
sync.gonet-ads.com
sync.programmatica.com
sync.upravel.com
tag.digitaltarget.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
www.acint.net
www.google.com
www.googletagservices.com
www.gstatic.com
www.paladiny.ru
x01.aidata.io
6c214856-a869-11ed-86e0-002590c0647c.n7.sync.bumlam.com
116.202.85.93
142.250.180.194
142.250.180.228
142.250.201.193
142.250.201.194
142.250.201.195
142.251.208.162
142.251.39.34
142.251.39.74
146.185.148.189
148.251.40.140
167.235.117.41
172.217.20.2
172.67.217.151
176.122.21.139
185.12.125.25
185.12.127.130
185.147.80.35
185.15.175.131
185.15.175.144
188.42.105.220
188.42.191.196
188.72.107.205
193.232.150.70
193.3.184.137
193.3.184.212
195.209.108.39
212.76.129.181
213.87.44.187
217.65.2.150
217.66.147.37
23.111.107.44
23.88.12.14
31.172.81.172
31.220.27.155
37.18.103.22
65.109.65.188
77.245.57.72
78.46.16.13
81.19.89.17
81.19.89.18
81.222.128.215
87.242.89.90
87.250.251.119
88.212.202.52
89.108.120.68
93.158.134.90
95.163.41.56
95.163.52.67
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
0a3fc662c48f76f65dd1f7804fe5e8c7797762acb1106e3eabf6b972fb5c0aab
0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770
0e10f07e21bdc3acceb8b6163bc8d6f749147a15abde39f6d65f5eae72d4e404
0f946a4f332240c27f3e9bec2b91048d71be09f194fb6bc316fad159352e88ed
16a992224a960c618cc1c18e44a4b6301a665cad4039374421247a353bd9db75
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
28164286b68f01dd1fc361a07c900fa3a131973c9db023b2d9d30abe6a9a030a
28e61bfe4ec59cb82441109a6d54ee0bd7178bb3f9c0c27fb0e62bc31e2b4bff
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
30ee3b9414b3b7368ab7d4e7b571f2c4c0e841e32911497a84798e283f172064
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36d71a4322b43e8bc7f079e0e9ff676e97ac8af955332e30de9d513e0ca8b861
40ed9971456e7552b7bcc66b4a048f01579b9c058293947df3abf9e23ce7e34c
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc
46612b2c33d8502a26bef927b364c85ba1bd5e8c9491bb9c369ec9d8900682ba
487238b9c9c6d7ade7161ece3909d28315189cddd05644fd918b5b7dc40b0929
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
53b349a0b900f4691c34e12931916b41e3c3bb30181bdcb4ff7618f5fdf3cda0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c3ddff3d745944937fcb213034b19a846ee081eda10726f252e165d2538bf94
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dd862a9779d4985cdecf34869460a2b27364f97e84e152d062e7d6846b10f59
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628f760ac64a37c0b9c0c55fa5e5a70343b90a87decd05889c72571253d29818
6e9cd72c5eb9526358e9607329dc1b35f4b80b8ce688ca6dc5ed97dd38728898
741375704b2818352ff5e6c508b71dfcae58013fe935753d25a8c1c6c67c912b
74dcd398eafd7dbc3d07b76625839f63f464de97b26adca97ac30883cf79b0d9
74e51ad76a9c144a79ddce4488618495769b9c3af5b6ff4651315545850ae3a2
8263cc71b2efe8c428707aba20e1724c1609d6f908f294a07550d7933e622c32
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
8383d899b4b78414edd75f2b16662f7235dfd02144466f31f27b35332d5f2f97
8699eba17aa446f696164a3e14a19d1cfe088be49c3b7d6ba3e890e91953a15c
8825fb2a03439772129529a38dcb7627e31c50fef7e9858b641afab742d060a6
9136d411ae25e3b6095f96a4dd7a8e6e88d42af73d49bf7f447a53cf494913dc
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13fa404297bf52896c2e3ddda49891e7f23c268d43a1cf04a03a2b02e32ad54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59acdbcb51f14636fb0d8aed572f48bb964eb4cacf99f6fbb294ed422e591c9
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aba4852dfc7b5f2bafef02200c329f1cb1ae85786eb6c359efc8b05bc3b2e59f
acede588e9f65290b48c0dc26838ccc29cccbb295c3522e4eff2aef78f950ff4
ae1401ab4ddd9845a325bf809e93499c7d8bc0a52e8f032f206da67272aabcc0
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
bfc9e29fe3855562270904a8fb4df7444e8e346c41495c10138ffc3d7c65d0c5
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5da2474740f8762021661a2d791f5d348e1109d60b0b11c319bddb16d089836
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfdbae1c302cf3e3cf68a0b9a049503fbec2165e1ee9b783bc67b7c4deb657c7
d251101f3039f702bd870b1e4ae92addc42f895f3f9699f0d1341aaed075c47f
da3aac110278116dac2ac2359465f8c511d12cee712ca74e828350e891c92846
df1c3706de99045e28932083d74815c3bc1330c57de9c861e5f4e5de88ae70e4
e0b62efbecd5715ccfb25631dad2a14efd3ff969eaaddfa5e827100a2fefa881
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
e2ed7d372b4df9b6132f8bc5ee9534994a37790e9f8612c89de3131ac0a3ee76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaba4c606dbd8ce6ad26a8bb999d30e855f8c1c5e194dc675b459c60679e8cb0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1533d88066cf986a9dd24c2ada9e9386cbdd29793e1448af235bac55a16dbb0
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fd1b92c599bb32fb246e497421d6acf06399ca23e7023063bcd55c2d7d6c1e74
fd7bd8899129d916ffbfa0b67e14f6dde1fd46008f042ef00dfbd7dd99361511

www.paladiny.ru Open in urlscan Pro 146.185.148.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

114 Requests

55 %HTTPS

0 %IPv6

41 Domains

52 Subdomains

33 IPs

6 Countries

757 kBTransfer

1796 kBSize

80 Cookies

13 Outgoing links

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.paladiny.ru Open in urlscan Pro
146.185.148.189 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

55 %
HTTPS

0 %
IPv6

41
Domains

52
Subdomains

33
IPs

6
Countries

757 kB
Transfer

1796 kB
Size

80
Cookies

114 HTTP transactions
1 data transactions