urlscan.io logo urlscan.io
SecurityTrails logo

wall.alphacoders.com Open in urlscan Pro
144.217.71.114  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Effective URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Submission: On January 14 via manual from RU — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 57 IPs in 6 countries across 42 domains to perform 186 HTTP transactions. The main IP is 144.217.71.114, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is wall.alphacoders.com. The Cisco Umbrella rank of the primary domain is 189373.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 24th 2021. Valid for: a year.
This is the only time wall.alphacoders.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 144.217.71.114 16276 (OVH)
8 142.250.80.2 15169 (GOOGLE)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
13 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
5 45.133.44.4 7018 (ATT-INTER...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 45.133.44.3 39572 (ADVANCEDH...)
5 2a06:8640:799... 55081 (24SHELLS)
1 2607:f8b0:402... 15169 (GOOGLE)
6 2602:803:c001... 26667 (RUBICONPR...)
1 2 34.98.64.218 15169 (GOOGLE)
2 185.184.10.30 203690 (RTB-HOUSE...)
2 173.223.237.164 16625 (AKAMAI-AS)
3 68.67.160.137 29990 (ASN-APPNEX)
3 34.149.20.76 15169 (GOOGLE)
2 3.230.217.116 14618 (AMAZON-AES)
3 51.222.39.185 16276 (OVH)
2 23.92.190.74 29791 (VOXEL-DOT...)
2 104.36.115.111 62713 (AS-PUBMATIC)
1 172.98.26.126 399668 (E-PLANNING-)
2 74.119.119.129 19750 (AS-CRITEO)
1 96.46.186.57 7979 (SERVERS-COM)
5 2a06:8640:454::2 55081 (24SHELLS)
1 147.75.61.140 54825 (PACKET)
1 185.184.8.65 204995 (RTB-HOUSE...)
1 2 23.227.139.243 55081 (24SHELLS)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 1 37.18.16.22 205675 (HYBRID-AS)
7 2607:f8b0:400... 15169 (GOOGLE)
14 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 151.101.193.108 54113 (FASTLY)
1 68.67.161.207 29990 (ASN-APPNEX)
8 2607:f8b0:400... 15169 (GOOGLE)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 74.119.119.139 19750 (AS-CRITEO)
3 24 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 75.119.185.147 27381 (CASALE-MEDIA)
4 5 142.251.40.162 15169 (GOOGLE)
1 2 146.20.128.157 27357 (RACKSPACE)
4 6 69.192.109.125 16625 (AKAMAI-AS)
5 2607:f8b0:400... 15169 (GOOGLE)
4 142.250.65.162 15169 (GOOGLE)
1 142.251.32.102 15169 (GOOGLE)
1 1 23.209.184.224 16625 (AKAMAI-AS)
2 2 104.36.115.113 62713 (AS-PUBMATIC)
1 1 8.28.7.83 62713 (AS-PUBMATIC)
1 44.194.147.181 14618 (AMAZON-AES)
2 2 52.27.192.111 16509 (AMAZON-02)
2 2 34.236.165.73 14618 (AMAZON-AES)
1 1 3.218.90.66 14618 (AMAZON-AES)
1 35.244.159.8 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 35.190.126.92 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 141.95.3.10 ()
1 15.197.193.217 ()
186 57
5    144.217.71.114 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns537837.ip-144-217-71.net
wall.alphacoders.com
8    142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net
securepubads.g.doubleclick.net
11    2606:4700:10::ac43:324 (United States)

ASN13335 (CLOUDFLARENET, US)
images8.alphacoders.com
images5.alphacoders.com
images6.alphacoders.com
images4.alphacoders.com
13    2606:4700:10::6814:fc2 (United States)

ASN13335 (CLOUDFLARENET, US)
images2.alphacoders.com
static.alphacoders.com
images.alphacoders.com
2    2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.hb.selectmedia.asia
p.deliveryapis.com
3    2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
5    2a06:8640:799:0:ec4:7aff:fe6e:a48e (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.hb.selectmedia.asia
1    2607:f8b0:4023:1404::9c (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2602:803:c001::200:144 (San Jose, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adtelligent-d.openx.net
us-u.openx.net
2    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
2    173.223.237.164 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-237-164.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
3    68.67.160.137 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
3    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
3    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
2    23.92.190.74 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    172.98.26.126 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
2    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
1    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
5    2a06:8640:454::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
2    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
1    37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
7    2607:f8b0:4006:806::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
14    2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)
56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    68.67.161.207 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
8    2607:f8b0:4006:820::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2607:f8b0:4006:824::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6812:517 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.expo9.exponential.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
24    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
s.tribalfusion.com
cdnx.tribalfusion.com
a.tribalfusion.com
2    2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    75.119.185.147 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a475.casalemedia.com
5    142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
cm.g.doubleclick.net
2    146.20.128.157 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
6    69.192.109.125 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-109-125.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
5    2607:f8b0:4006:80a::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
googleads4.g.doubleclick.net
1    142.251.32.102 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f6.1e100.net
ad.doubleclick.net
1    23.209.184.224 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-184-224.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    44.194.147.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-147-181.compute-1.amazonaws.com
beacon.krxd.net
2    52.27.192.111 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-192-111.us-west-2.compute.amazonaws.com
dpm.demdex.net
2    34.236.165.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-165-73.compute-1.amazonaws.com
pixel.advertising.com
1    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    35.190.126.92 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 92.126.190.35.bc.googleusercontent.com
public-prod-dspcookiematching.dmxleo.com
4    2607:f8b0:4006:824::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    141.95.3.10 (None, )

ASN- ()
id5-sync.com
1    15.197.193.217 (None, )

ASN- ()
match.adsrvr.org
Apex Domain
Subdomains		 Transfer
29 alphacoders.com
wall.alphacoders.com — Cisco Umbrella Rank: 189373
images8.alphacoders.com — Cisco Umbrella Rank: 105018
images2.alphacoders.com — Cisco Umbrella Rank: 155257
static.alphacoders.com — Cisco Umbrella Rank: 293327
images.alphacoders.com — Cisco Umbrella Rank: 159742
images5.alphacoders.com — Cisco Umbrella Rank: 156509
images6.alphacoders.com — Cisco Umbrella Rank: 177630
images4.alphacoders.com — Cisco Umbrella Rank: 157674
850 KB
24 tribalfusion.com
s.tribalfusion.com — Cisco Umbrella Rank: 1925
cdnx.tribalfusion.com — Cisco Umbrella Rank: 6262
a.tribalfusion.com — Cisco Umbrella Rank: 678
36 KB
24 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
136 KB
21 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
cm.g.doubleclick.net — Cisco Umbrella Rank: 169
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
ad.doubleclick.net — Cisco Umbrella Rank: 187
206 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 693
gum.criteo.com — Cisco Umbrella Rank: 339
mug.criteo.com — Cisco Umbrella Rank: 3226
8 KB
9 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 437
a475.casalemedia.com — Cisco Umbrella Rank: 101987
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
27 KB
8 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 5237
ghb.adtelligent.com — Cisco Umbrella Rank: 5531
sync.adtelligent.com — Cisco Umbrella Rank: 2578
14 KB
8 selectmedia.asia
player.hb.selectmedia.asia — Cisco Umbrella Rank: 21403
ghb.hb.selectmedia.asia — Cisco Umbrella Rank: 21889
167 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 151
170 KB
6 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 442
8 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 245
181 KB
5 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 448
image6.pubmatic.com — Cisco Umbrella Rank: 531
simage2.pubmatic.com — Cisco Umbrella Rank: 481
1 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
acdn.adnxs.com — Cisco Umbrella Rank: 534
secure.adnxs.com — Cisco Umbrella Rank: 351
10 KB
4 gstatic.com
fonts.gstatic.com
63 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 888
2 KB
3 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 667
ups.analytics.yahoo.com — Cisco Umbrella Rank: 249
2 KB
3 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1506
772 B
3 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 8697
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5526
544 B
3 openx.net
adtelligent-d.openx.net — Cisco Umbrella Rank: 19041
us-u.openx.net — Cisco Umbrella Rank: 316
969 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
20 KB
2 dmxleo.com
public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 1759
294 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 293
695 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
2 KB
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 2479
913 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 587
55 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 69
www.google.com — Cisco Umbrella Rank: 8
2 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 609
1 KB
2 deliveryapis.com
p.deliveryapis.com — Cisco Umbrella Rank: 16122
13 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
98 KB
1 adsrvr.org
match.adsrvr.org
547 B
1 id5-sync.com
id5-sync.com
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
1 KB
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 356
338 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 402
677 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 398
9 KB
1 exponential.com
tags.expo9.exponential.com — Cisco Umbrella Rank: 5346
3 KB
1 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 5603
403 B
1 trafmag.com
t.trafmag.com — Cisco Umbrella Rank: 5938
351 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1027
379 B
1 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1471
916 B
1 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 7231
161 B
0 adxpremium.services Failed
rtb.adxpremium.services Failed
186 42
Domain Requested by
14 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
cdn.jsdelivr.net
googleads.g.doubleclick.net
56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com
ad.doubleclick.net
www.googletagservices.com
12 s.tribalfusion.com tags.expo9.exponential.com
s.tribalfusion.com
wall.alphacoders.com
9 a.tribalfusion.com 3 redirects s.tribalfusion.com
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ad.doubleclick.net
8 securepubads.g.doubleclick.net wall.alphacoders.com
securepubads.g.doubleclick.net
56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com
www.googletagservices.com
6 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
6 www.googletagservices.com securepubads.g.doubleclick.net
56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s.tribalfusion.com
www.googletagservices.com
s0.2mdn.net
6 fastlane.rubiconproject.com player.hb.selectmedia.asia
6 static.alphacoders.com wall.alphacoders.com
5 s0.2mdn.net googleads.g.doubleclick.net
ad.doubleclick.net
s0.2mdn.net
5 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
5 ghb.adtelligent.com player.hb.selectmedia.asia
p.deliveryapis.com
5 ghb.hb.selectmedia.asia player.hb.selectmedia.asia
5 images2.alphacoders.com wall.alphacoders.com
5 images8.alphacoders.com wall.alphacoders.com
5 wall.alphacoders.com wall.alphacoders.com
4 fonts.gstatic.com fonts.googleapis.com
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
ad.doubleclick.net
4 gum.criteo.com 2 redirects static.criteo.net
4 images4.alphacoders.com wall.alphacoders.com
3 cdnx.tribalfusion.com wall.alphacoders.com
3 mug.criteo.com
3 onetag-sys.com player.hb.selectmedia.asia
p.deliveryapis.com
3 ssc.33across.com player.hb.selectmedia.asia
3 ib.adnxs.com player.hb.selectmedia.asia
p.deliveryapis.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 player.hb.selectmedia.asia wall.alphacoders.com
player.hb.selectmedia.asia
2 public-prod-dspcookiematching.dmxleo.com 1 redirects s.tribalfusion.com
2 us-u.openx.net 1 redirects s.tribalfusion.com
2 pixel.advertising.com 2 redirects
2 dpm.demdex.net 2 redirects
2 image6.pubmatic.com 2 redirects
2 cs.lkqd.net 1 redirects googleads.g.doubleclick.net
2 googleads.g.doubleclick.net cdn.jsdelivr.net
wall.alphacoders.com
2 static.criteo.net player.hb.selectmedia.asia
static.criteo.net
2 56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 sync.adtelligent.com 1 redirects
2 bidder.criteo.com player.hb.selectmedia.asia
p.deliveryapis.com
2 hbopenbid.pubmatic.com player.hb.selectmedia.asia
2 ap.lijit.com player.hb.selectmedia.asia
2 c2shb.ssp.yahoo.com player.hb.selectmedia.asia
2 htlb.casalemedia.com player.hb.selectmedia.asia
2 prebid-us.creativecdn.com player.hb.selectmedia.asia
2 p.deliveryapis.com player.hb.selectmedia.asia
p.deliveryapis.com
2 images.alphacoders.com wall.alphacoders.com
2 www.googletagmanager.com wall.alphacoders.com
www.googletagmanager.com
1 match.adsrvr.org player.hb.selectmedia.asia
1 id5-sync.com player.hb.selectmedia.asia
1 fonts.googleapis.com s0.2mdn.net
1 ups.analytics.yahoo.com 1 redirects
1 beacon.krxd.net s.tribalfusion.com
1 simage2.pubmatic.com 1 redirects
1 tags.bluekai.com 1 redirects
1 ad.doubleclick.net www.googletagservices.com
1 a475.casalemedia.com cdn.jsdelivr.net
1 cdn.jsdelivr.net 56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com
1 tags.expo9.exponential.com securepubads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 secure.adnxs.com acdn.adnxs.com
1 acdn.adnxs.com p.deliveryapis.com
1 adservice.google.com securepubads.g.doubleclick.net
1 dm.hybrid.ai 1 redirects
1 t.trafmag.com
1 prebid-eu.creativecdn.com p.deliveryapis.com
1 prebid.a-mo.net player.hb.selectmedia.asia
1 ads.betweendigital.com player.hb.selectmedia.asia
1 pbjs.e-planning.net player.hb.selectmedia.asia
1 adtelligent-d.openx.net player.hb.selectmedia.asia
1 stats.g.doubleclick.net www.google-analytics.com
1 player.adtelligent.com player.hb.selectmedia.asia
1 images6.alphacoders.com wall.alphacoders.com
1 images5.alphacoders.com wall.alphacoders.com
0 rtb.adxpremium.services Failed player.hb.selectmedia.asia
p.deliveryapis.com
186 73
Subject Issuer Validity Valid
*.alphacoders.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-05-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-15 -
2022-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
player.hb.selectmedia.asia
R3		 2021-12-27 -
2022-03-27		 3 months crt.sh
player.adtelligent.com
R3		 2021-11-19 -
2022-02-17		 3 months crt.sh
ghb.hb.selectmedia.asia
ZeroSSL ECC Domain Secure Site CA		 2021-12-08 -
2022-03-08		 3 months crt.sh
p.deliveryapis.com
R3		 2021-12-19 -
2022-03-19		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-11-26 -
2022-02-24		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-12-08 -
2022-03-08		 3 months crt.sh
*.a-mo.net
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
exponential.com
Cloudflare Inc ECC CA-3		 2021-04-21 -
2022-04-20		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2021-01-13 -
2022-02-14		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh

This page contains 25 frames:

Primary Page: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Frame ID: 68D47E016FBC3B248A70493D8F09863E
Requests: 88 HTTP requests in this frame

Frame: https://p.deliveryapis.com/prebidlink/19006/j.html?i=11597
Frame ID: 1D838C99E736945BA8A28DF6AE71AD76
Requests: 11 HTTP requests in this frame

Frame: https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E58719A8A1EAC2E26FD99619328C1276
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 8A73A307E44630A11934994EAD2539D5
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1642164072817
Frame ID: BA8CB6AB7DB412A35CB943F3818D5618
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wall.alphacoders.com
Frame ID: 5F84AE6CF689B2F352BB635B608F998E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AFB0B204AA15FF2DA3A4A6797AE9F81C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4583D0B9E439D30E509CFD064125FA53
Requests: 2 HTTP requests in this frame

Frame: https://tags.expo9.exponential.com/tags/AlphaCoderscom/ROS2/tags.js
Frame ID: B4597440312BF971F847120C349E768A
Requests: 14 HTTP requests in this frame

Frame: https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 04377E1CD977E96F47B5D14F8A7EC6DD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCEMHGmI0DGLu4sL8BMAE&v=APEucNXbYRX9cHTm7xsgYSH-EayhD4tzeb8QUYBcEfC4eOgddm50wRhLzLOlJqgqh9iRUcY1S7nRMMF7htUJNXypsaKJ-wrjMw
Frame ID: F2B8CB27388D25FB465F49233941AC0D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFJ8WQGNV2BSGZNihwPVm1U0Gs9X_y7Ff765Ks7LDO18ob2Aw7lBOEgYmvO5NeCxeN4EdiRN0ni75exFuvYpfJ-0TPhzHix1tkMZ-mAmxHERCHCUJkm2DHeAu9-GR06hCDJLJkMvTHp1vbKjMk5lNSn0ap5Q&cry=1&dbm_d=AKAmf-Bi-VnSFbmeKd71gOqUHn9K1J4q43ucgUyKRWup0012ELG4eXOM3gLdor1_tDYFtuDMcEb7S3j34U4dbWWMlPGM1ke-Ftn9q4Vo5SBTKfzi98Hwb_McoNj3rIvsAlrQVnhknQLH578LaCTwP9QF0ionCjl01ftVBVRj-wTefahYYGO62lf1USenQBcY_E7uTWnYzuGm6KvZIwnRien4k58W-iy8h6ubCjJ1BMqEzOKWw3dIaE3jepqmdjbfNZ4Pqymz9dSuT5BJ3Rjw3ziezN0Gz3KP5ivB7Rj0Z0yalhabMG0xV7Ke3lMRCHzG1f9JryrDVpwp5sX5FVdm7Jh1bLQyhm_f9DbPa2WfRnKJUOxsYAokvDNeo_9Wi9XAJy0QF9Fo21TL7vwsuIhqLOs41Rle6KhF33B3livEe75Psh1DKTKJL3s1GWQly1_MnkjWoGghUFl0Xw7wXJ2p0oKsyKa6U0beGjfXRIn93AIIeS0A2MvN9AcT8kKk13fD6E0dm9QYuqd-xpfgAH2fR1wOiSG7oNLhhgKGEuOaljFXP7RKDbNrebN-hzvklbD1DaLxHWQVyZ824tj6EobbwSSS1m-dYslTpe1beMshubih41p4XlNV8HY-hsYISWHtGt9U-s-NtPWgDsooIGe3_WN2F71UOQXLI-jHbYhR-_VBckb9z2obhhT4OMI0X7S7UY1a4FhrA8Jko2FrltsbIo_kljqV6LyIFSnJAj-AtCHbHlHoXFYtq6W-Muqvd8E5O4AmtWcicyM4u1KXTMAK_gXzV6oqA3IBS7dZQoxWOiv238o_WdSRIYWtafAoMXyfzyFS0zzvfkLYKPnmqZCHLDbTNXLUwX2J-6hPmtooJSfMGGiosV2skJV5V-hGlKC57VYU9znI1hQMcSEQue1DOd_wBTjhzdnHwr80JuxVxeHoa6eY_SI8PueNo_PjhwfIClqjPLa0RT7DE04BsdVfhg0GlzPspuW7k-CVvVzGCyxOtxfy5eEyndg30EisFsM911xKSjsFTNLFidb5PgQfvk2SCYo-cK-SHMPiO039iU9zBsEjApMKJ9UEJ-g1NpaXCWld2Me-EM_IrSL893rmyIpfCJThgqTUSp0zEZyTrcRhvwWQ8ZKRl1dKQMmTu0w1EeXBpnRmqQq1HxpPagfUvz2LN2XGoiPL9GFLCvoto-4smXdNlaf27zdiEn7oOBkuwxbiT1XN42mmmDjtiJF4Y98pg-pmxsC5QcPa4oOYeHJGL_q6TaHg5S16HolGwkCg5EZWnbKTVrBv-U2nh3OsSQw48xWENsoeq8ohO7ees9JaxSo6vi5ewlR7NO9H_tPicb8726LEr9ym3hml-mQW9d4PT4fXB6X0cjUDab6TJVk2kXKD1FuYcGbBtrmjYkcq2mnqDTOFKOhDC1wqY_QItSILsmGhiTUFzryFtRFZ-T8g76iHcXob4kl1UOYLuqLisEv6j0n17Ky3-aDafvHNaE99im7TqIP_btIepu85OB8Hdr7UqtcleS0I38M4ZTzhhjM5DtUq8A0E-h5025YCJ-VmJhegSCwAJzpuXHSzjSjbTWrfVbYIYpWjFvVrEKhE13YgcyaRsSJM1QJg-xPqaOSr-GIOnqWLEzaGXOJSB6O8jOxgxL_BbyUZQL3g_WWP9J6wGxfMXZVVTu4NAzeCVDWzmSU5x_tr68VleYAdVYMAk4vbawV2Z-FZyH0Os4D_cUxQuDGcBF82rxS-WWxCFq9Rgza_x9O7OZdjWDq6Xalh15HuO4PhMILXUoPKsQMtHCmY6sSD9RX7Hcfl4KALN51CgsRgPoe6jE58hoEr0VCsL2nrnu53QcJEDTmNTRGaGD-lb82IUJq46YJvHXhhq4Mn5ztXh0i-afdCp7qONpley5xF44NzUtkJOecSH-t9T5f5PhBuqv8EsAxkthDRsF3OrR-jnS7sxYb_sVasZ-0e7H6tslvj8zCW17mvX6vyHI_HBS4UmAdMupOEgynkuDj1VaQ5bm-z5NwpTivqUGyDGJx81irl3N0BqUtF8DT0vb6WqYcD48myQ--lHKH3qiSSnmpIqfEqkf3CWQlTUs9KHZfL2I4nKR_5LRDllWsZUjy_oIqE7iIlC8HSm8cas2JX-Xn-zIA-6gQvYUMNIVm1oW2fkkEQo2Yp0L3kUxOAM-_K7kFChKKuqzUc07sDokQ6o0oNrF2Xy-Co962PThF28jX_kDcHZuRPFcDcmlIw5cw__Xjprc2ra8LaVwf7hezxmTSoDyPGPT5qSpuc4qs9XQ6tSAm4LPVqInrFHkGCjBhOJ5eEEfffVsy3DN1n4lxE5q-MuItavGqNFXPmWco6lE-WMuNgY0WJPblByk9Q7CFq-1SZgAXu9o_JTeP99AP9ewvy7Idooc4K5gxMdPPq1lPV0wbxDylETIpcmQCzTzvSoQN6Nl0zd-Qshu-wjUPNkztm68B7rhkJV4jQ0VcinbaswpAJyftBcvCLEEJo0E-I-mpDQhTyzcSwBiMsQrLok8NVVmGldGOHZ8l57UV_RMOlfj7pzZRYsC6eI6iNDtzSGNb8I_0H2P90bSRfUY6PLSSviQq2Ni2F9Jolk7G3Y9YO20j_f9NmssjTiwL7OPExzZnTXggHTBYEE9iE156S5xpw-YiUAGzV_JqEueH16oLGzGi0zquk0AdsTK5sfrhTFFcHjPFlA30VGCy7pdDYl3xaJt6O9rcTUVhIrQshOGP-Zvre15vomm7GbDSHBevOyVVq8BHxux5fKdewO1uDnoEq12GY3L4Ob9K651wiLdS3syZVqyMEBtpr1Kp3gefeTTcRLU2_qAVqexz5uFi85FW8vfOmh9OMq7CEI74Q06bgSTcjMpD0aV98dp3nv682Mvyz6ofB2EJkTXfPnBVIUMrRjSE50HyRAGtLPa6rddhZsDDR7XL5FK2FOFtmvW2VcRnFc0vUaQz3fyysQRAErRcBuYhV6FoTxYYqY8x9ewVuJBxMMm9lztWOs3vXugQ5k1xnQOfda1o90jn7l_bG_CJGAVDzfsaloDC0J-triuZao4_cDYI3VvjMDc_hkb1UJAL2iQwggmKArPuLPUlx_0i9-NZkSg&pr=13:YeFvZgAAAACeNY3aP9Jet777f4ZwSMOe_nxDFg&cid=CAASBORoxys&rfl=2%2Chttps%253A%252F%252Fwall.alphacoders.com%252Fby_sub_category.php%253Fid%253D289267%2526name%253DShadow%252Bof%252Bthe%252BTomb%252BRaider%252B%2525D0%25259E%2525D0%2525B1%2525D0%2525BE%2525D0%2525B8%2526lang%253DRussian%240
Frame ID: 73760A3D742CF8BC1091E6FA633090BC
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FD7DCEB601B94A48B32E5E0191741C6F
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N5877.2106305EXPONENTIAL/B26160057.315763075;dc_ver=82.239;dc_eid=40004001;sz=970x250;u_sd=1;nel=1;cid=0002910059;dc_adk=635667947;ord=cgzkre;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FarmXpm4sY40UUZaTPXn2AU7R6bB3tvy0t3ZcpdEO4AvV5GjbTsYkWGb8RP3yTdUTWbbP2benVqMnTTv8QqnZbSVQBRFIoRtYdUGn54UPqodIOXaPu4dMZdPsBG5mnIpWXrVHjfXFYj1Ufi0qyOSbJAUbJSTdM4orZbxPFJrXTQy5Ejl5anQoEjI1bb8WHfVmmfKpGMwoWMJ3TQi3Weo4AZbGnbvEYs7RYVM51Vjomq7P5UF2TFnZcWEqxunyXmRFXyAZaioHMpQAvIZccHaPu%2F;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian$0;xdt=0;crlt=p)o(ELNi46;sttr=28;prcl=s
Frame ID: 1E5ECD82646D87C52210532451DEE228
Requests: 8 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=asmSg31rZb8WHbSoPnInGnpmH3E2Evh2tIN5PZbLmbYZd0GUPYcJ50VvMmaBS3bUTTFbZaUPv4PEbXSsFtQdFrYHrqVPvM2GJ30UFZaVmPw5mrePmMF2dUs1dnZdpdAo5PBT5GbgVsMaUc78RAvvTtQ3UbF12bZaxUaMvVEJbSTYFScQZdRrZatRHMkWVQ54UyxnWytXEPw3tnZaPcjC2mJHmdXyTcr6TVrUtfe2ZcE&mediaDataID=6530936&mediaName=frame.html
Frame ID: E79B9D91F8AB3D497C9EE282F3E533DD
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=atmSg3UVMT2FumnHyqXqyw4dQASVZbE5AnHotinUHj60bUaYUUg0qqnSUnAUbQ0Tt3UobJnPUrt1TZbs5EFa2Tj4ma7GYF3cWHrWoAUBmcYwoWfB5TMe2dan3AbGnFbJXs701sn5XGbnnEFU2FQ2VUJFVAnWRTrQQsZbtStZbr1HvrT6Qx3Gn5XUvDT6mw56F6PPFD3HYy1tYZcpd2o36BY5HJ7XUUVrZcRRMt&mediaDataID=6347136&mediaName=frame.html
Frame ID: 1A5A1ED7FD638F052B4F1E57CFFAA39E
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aumSg30UUIVmqn4PUhRPJD4Wnt0tnCmdao5mrT4cQ7VcrdWcnhRAFNTWMPUFjY5bIwUarpVTJcSEJZdSGBCRFqrRtM8WcjQ2FeqodIOYTPp2tbHQcZbZc46MImdEyTdQcXU7k1FjgXaeMRrrGTFUSVdn2nrBuRFbNYTFs3TZba4T75oTBDXb77WWJXmPrBmsfootQA2TY82Wem3AvGprbEXtZbQUUYjNn6ndM&mediaDataID=4056396&mediaName=frame.html
Frame ID: D7B1B67E55E12CDB323A8B32D073500F
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=avmSg3WHbSoAnKpVrsmWbA5Evi5dep4ABGnbQJYVUQ1cv20GrunEvR2bMQVr7GUArVRTM1QcZbqSd3O1dfuTPfO2G31XbFZcVmar2PneQAFK2HZbm0dYZcmHTM363Y5GjdTVBjUsJhPPYoUtvVTbfP3rapVqMwTEYlQEBZdQVJCPFuqPHU8VcQQ2UTxmteOYE6x2W3GPV7Zd5PQJmdXyVWQhXTZbbUcFXvnBGIA&mediaDataID=6546596&mediaName=frame.html
Frame ID: A1D65E22B3E17CEC9905F2CA4CB3072A
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=awmSg32FumodirXT2n3HjGSGbH5AMLmW6yTHbcYrUb1Ubf0auqRrJBTbv4VHY4orFvRFjqYEFr3E3k4qnRoanEYFJdUtrToA7ZcpG3wpdQJ3TZbe3tat5PjJprvEXsfWYVZbVXVZbupTb43FvWWUbZcWPY5QErRSs3MQdUOYt7uVPbN4sUYXF3ZdTmXw4AQeQPrC2drs1HUDmHEy36BY3sjgTWjc1U7YqlAd3x&mediaDataID=2713736&mediaName=frame.html
Frame ID: 632B75AA75A00B475D4ED5CDCC0C2435
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=axmSg3Vmqn2PU7RmjG2HvsXWZbKmH6u4PvY5cYdUsrcUcBeRPJxUtFQTFF33UZamUqvxTEQbQTBZaQGYIPbevPtj6WcvQ4reuodym0qTp3H3ZdQVrD4mUIpWZapVWZbhXUf9YbQ9XqAqPbUZbUFMXWd3WmbfmQUbM1TUy5EUk2avRmaMF1rY8UHrVn63BnVMwpt7B3qre2daM467IprbE0Gf0YW73VrbKt64Q6N&mediaDataID=8039566&mediaName=frame.html
Frame ID: 2410A6AA437A86301EF8FBE904874862
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aymSg3oAnKpGvmoW3A2ane5tEM46jJmF3EXV3WXsv3XGFxnTrW3FFPWrJDWmn2REnSSsUtQtUyYdnoVmrp4GZbYXbQZbTAau2PFdR6BK3trO0HBZdnWay4mUV3sngTVJ6WVr8PAnxWdY3UbB12rIuWaUoWTYiSEQFSGQIRr6vRt77UVQS4UetnWAOXaqp3WjHQsZbF563EpHAoVWQh0bfkYaMeVWeGqZcsZbJH&mediaDataID=6719746&mediaName=frame.html
Frame ID: F4752F49311E393C1E99651F6A9565FA
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aMmUoeodiq0qmy2WfEPVFF2mnLpWTtUHfhXr39XFbeXaItRbFEUFB5WHn0mFBoRU7y1T3s5TUj2qfXmEjI1FYbUt7VmPrKpGfrmHUJ2ar73dms4AJJnUrL0GMYXcJ0XVrnmTfV2FrPTFFFUP7VQanQQVZbtPHJx1WvoWmvO2sZbWXUZbJVmqw4AZb9R6JK3HrpXdQZdmH2u5PBV3cM7Us39WGnlRAMoWdF3WrM10FADpZdFuBZc&mediaDataID=5578346&mediaName=frame.html
Frame ID: 9D924CC5307E142371DD553D3C510B5A
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aNmSg32PU9R6bA2tvq1WvJpdem4PJR5cUgTsM6VsBfPPvuUdJTUbM22UarWEMmTT3jSEYZdSVQLRbmpRWniUcfS4ryrmter0q6y4dYZdPcZbZa46JIoWeqUtja0brkYbYk0TyMPrMEWU3SVdr2nbFxPFZbrXEUO3EFa4q7XoTbIYFUaWHJ1mmYZcmcUwoWrJ2qFf3HIt4PjFmUMK0Gf01cFV0t3wMdbbMK24ul&mediaDataID=6807466&mediaName=frame.html
Frame ID: 2D710C1FFA3B15B6ECEFBAD5107D4C66
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 23CC6763A2C2B660FFE59E0F4154FDF3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5889853837245677568/US_BrandTrust.html
Frame ID: CA16252378006C55A641D55C13A43CB0
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

110+ Shadow of the Tomb Raider HD Обои | Фоны

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

186
Requests

90 %
HTTPS

35 %
IPv6

42
Domains

73
Subdomains

57
IPs

6
Countries

2081 kB
Transfer

4368 kB
Size

55
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=af36c04a184a6a7c
Request Chain 83
  • https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=324902&extuid=a9510182358aa5d69146
Request Chain 110
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=alphacoders.com&sn=ChromeSyncframe&so=0&topUrl=wall.alphacoders.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=-8d77HxvM2U1dGZhM3hzcmRlcGwxUnd3ZWxBTFdoWkkzbjZPeVBnaDhubU5MWTNJeTFNQjAzdjgxS1l6QWNQTUswOGZuMkdTc0gwakZFRVZsUHc0dWFad0krYXZOR25tOUpxYXh3SUlLSUFCZzFhU0NDKzZlVmp6dC9vcWNLV2lQV2VDWHBKWkQwWE55eEtJN2NCdVhLekhkU004RzFhWU1pN1JROXVIRTN3SG5VSzMwdFFYZHJBYWVOZk9UM3lBQzhwaHNWM0lJcGVOaTBvS1dsRTI3UlUvWXU3OVpOaHJoQURFcGNLYUNGWnUyUUlRMW5Pa3l5SlpXTlNueXJWdldaK1Z3WWIyTHdabEZ2dnVjbXMrMHErQk1PQT09fA&cppv=2
Request Chain 120
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEHyCvwRrwDKQYZfot1twOJ8&google_cver=1
Request Chain 121
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=bWo0VnQ1aHJVZUk
Request Chain 122
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPPWcEuZVPfAxfNfs-SpA4Q&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPPWcEuZVPfAxfNfs-SpA4Q&google_cver=1&C=1
Request Chain 123
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YeFvaV4TKkZCtr9DqiYr3AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPPWcEuZVPfAxfNfs-SpA4Q&google_cver=1
Request Chain 151
  • https://tags.bluekai.com/site/4229?id=18072662314459756810&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
  • https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
Request Chain 152
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662314459756810%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662314459756810%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662314459756810&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b11&u=089EF038-E12B-4E9D-A8A5-824724A54C8C
Request Chain 154
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662314459756810&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662314459756810
Request Chain 155
  • https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662314459756810&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662314459756810&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b13&u=64476358923126224793280621740210638359
Request Chain 159
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662314459756810&_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662314459756810&_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662314459756810&_origin=1&redir=true&apid=UP4285f951-7537-11ec-b336-0e8af3d3cab3 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b17&u=UP4285f951-7537-11ec-b336-0e8af3d3cab3
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662314459756810 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEM7v035Oj86rIzv7A5qzNUM&google_cver=1&google_ula=2786954,0
Request Chain 164
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=80d07be0-3b43-452f-84aa-9ac85022d3dd HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662314459756810
Request Chain 165
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662314459756810&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b20&u=YeFvaV4TKkZCtr9DqiYr3QAA
Request Chain 170
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662314459756810&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662314459756810 HTTP 307
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662314459756810&cookieRequired=true
Request Chain 181
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwall.alphacoders.com%2F&domain=wall.alphacoders.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=pwmL1HxFS2MzRXV5TlZhakdXcDA5cFBxVjdjVTliaFlxY1YrUFhOV3NWZkxob29TTjJoZHJEZjdkY2pQVnZuN0Y4ck1FY0NwTWJKR3kydjBxbXp6WnRUdElXSmJKNU93MmdYUmpCb3hsUndtN2t1Y0ZvWHU5NWZzS1d0bHpLbzlteVphZGlTZ2ZwTDBGMnRCOG5ONGpKTkNoWFNuNjYrOENuOVUxZzc3dFdZOS9TdXFnVWNDZGNVUVFNTkpaZ1BFUUVFTkpXOEFyZ3hIMmxUWHF3b3NiR1ZONmVzdFRhTlZpUCtjMDJWNGIxc0VIWUdLVUVOUnhHRHlBbnpKeE56QU9ydiszTUNUT3NtUUE4akNJZUJ5cC9LUkFXSFJ4WXNmcktPcHN3cWxsNFcyU0RpWT18&cppv=2

186 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request by_sub_category.php
wall.alphacoders.com/ 		219 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.71.114 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns537837.ip-144-217-71.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
90e9b37e995d98b6c43d8b384c943a653e81ee7c99d551132d36989ea923dfd6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

server
nginx/1.10.3 (Ubuntu)
date
Fri, 14 Jan 2022 12:41:09 GMT
content-type
text/html; charset=utf-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
content-encoding
gzip
bootstrap-3.3.7-custom.min.css
wall.alphacoders.com/ 		101 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wall.alphacoders.com/bootstrap-3.3.7-custom.min.css
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.71.114 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns537837.ip-144-217-71.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
17d4243e7b024dd5f58bf115e4b73cba3a2c6d26e95f9654c19690d9523026b1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 18:13:39 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"61ba3053-19539"
content-type
text/css
cache-control
max-age=1209600, public
expires
Fri, 28 Jan 2022 12:41:10 GMT
elusive-icons-v2.min.css
wall.alphacoders.com/elusive-icons-2.0.0/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wall.alphacoders.com/elusive-icons-2.0.0/css/elusive-icons-v2.min.css
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.71.114 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns537837.ip-144-217-71.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
927637f4532b737758acc88542c4b4e7b53391897e77a1fc4704fe4543e42983

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
last-modified
Sat, 22 May 2021 19:02:56 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"60a95560-372a"
content-type
text/css
cache-control
max-age=1209600, public
expires
Fri, 28 Jan 2022 12:41:10 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
8784fe39f172830511bb8fc1e5a144f426f24c5b2dd9a6a8eb8b32c0810d71ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26918
x-xss-protection
0
server
sffe
etag
"1101 / 103 of 1000 / last-modified: 1642162396"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 14 Jan 2022 12:41:10 GMT
thumbbig-1074713.webp
images8.alphacoders.com/107/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images8.alphacoders.com/107/thumbbig-1074713.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494e9d9eaba7ccfee2a79037607169c14fb897914213c480acd1b120a29aca37

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
HIT
last-modified
Wed, 26 May 2021 21:38:38 GMT
server
cloudflare
age
109737
etag
"60aebfde-637e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efde58477136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25470
expires
Sat, 12 Feb 2022 06:12:13 GMT
thumbbig-941222.webp
images2.alphacoders.com/941/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.alphacoders.com/941/thumbbig-941222.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
690f510aa7992bd3d1621db29b97c1273de2b676736712eda387c7fea75cf385

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 13:58:02 GMT
server
cloudflare
etag
"60b0f6ea-7e60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efde59ec7156-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32352
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-946900.webp
images8.alphacoders.com/946/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images8.alphacoders.com/946/thumbbig-946900.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14b10dbb39d51396ce90c5df0e9702d88250bffefd51c19d5f6291fabfc5609

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 12:22:51 GMT
server
cloudflare
etag
"60b0e09b-71ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efde584a7136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29162
expires
Sun, 13 Feb 2022 12:41:10 GMT
js
www.googletagmanager.com/gtag/ 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-281956-21
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8610d65ed12e7e4eed8c12ca27d3f04859968567a0e2a99a80ecd4d37c26c846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37421
x-xss-protection
0
expires
Fri, 14 Jan 2022 12:41:10 GMT
Russian-flag.png
static.alphacoders.com/wa/ 		134 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.alphacoders.com/wa/Russian-flag.png
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94b9235eb14dfcb7d43a070ae4bd4fc8ccd6a82278491cb96f05e22de2c20455

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Mar 2014 07:49:41 GMT
server
cloudflare
age
2139509
etag
"53216315-86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efde3b40715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
134
expires
Wed, 19 Jan 2022 18:22:41 GMT
favicon-16x16.png
static.alphacoders.com/icons/ 		502 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.alphacoders.com/icons/favicon-16x16.png
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
723cf7d7de0985ea656da99fb8a267a91cb72636e6b070a718680b329406514f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Sep 2016 18:26:22 GMT
server
cloudflare
age
1215991
etag
"57e17f4e-1f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6cd6efde3b43715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
502
expires
Sun, 30 Jan 2022 10:54:39 GMT
favicon-16x16.png
static.alphacoders.com/icons/wallpaper/ 		475 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.alphacoders.com/icons/wallpaper/favicon-16x16.png
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6545d40233b59548a662210b9008e6d844d8ab8bbd93dc01aaaa3c7f4d56cf4d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Sep 2016 18:28:06 GMT
server
cloudflare
age
79028
etag
"57e17fb6-1db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efde3b42715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
475
expires
Sat, 12 Feb 2022 14:44:02 GMT
ajax-loader-er.gif
static.alphacoders.com/ 		404 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.alphacoders.com/ajax-loader-er.gif
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
217d1b91669dd4a21ce0cff140d526b43a3ac1ea5caa5578d5372fde00dadf1d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Apr 2015 21:18:19 GMT
server
cloudflare
age
1206891
etag
"551c609b-194"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6cd6efde3b45715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
404
expires
Sun, 30 Jan 2022 13:26:19 GMT
jquery-3.2.1.min.js
static.alphacoders.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.alphacoders.com/jquery-3.2.1.min.js
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2017 13:21:58 GMT
server
cloudflare
age
1215991
etag
W/"59a175f6-15287"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
6cd6efde3b44715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 30 Jan 2022 10:54:39 GMT
bootstrap-3.3.7-custom.min.js
wall.alphacoders.com/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wall.alphacoders.com/bootstrap-3.3.7-custom.min.js
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.71.114 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns537837.ip-144-217-71.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
f9b2b67d3e8f58214d971f90562197da9652e5fe4c4a3c314390afa600805d8f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 18:13:39 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"61ba3053-8196"
content-type
application/javascript
cache-control
max-age=1209600, public
expires
Fri, 28 Jan 2022 12:41:10 GMT
hb_309851_7594.js
player.hb.selectmedia.asia/prebidlink/456156/ 		438 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
87bfaf112a11ed2c4bafe9a36ecc945dcc14f88f8742ec5e18cd125c0572a739

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 17:03:15 GMT
server
nginx
etag
W/"61e05b53-6d931"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Fri, 14 Jan 2022 13:41:10 GMT
wrapper_hb_309851_7594.js
player.hb.selectmedia.asia/prebidlink/456156/ 		1 KB
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hb.selectmedia.asia/prebidlink/456156/wrapper_hb_309851_7594.js
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b6a593bd76ebe30cb1a0821c0680337539c150b7c8ed68b043e7477feddbc4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 17:03:15 GMT
server
nginx
etag
W/"61e05b53-422"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Fri, 14 Jan 2022 13:41:10 GMT
tile.jpg
static.alphacoders.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.alphacoders.com/tile.jpg
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e11bb6fd697b8be4d7508b6c396f7ef3277205c359ccf9eff56f744a2d4e9e26

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
HIT
age
69849
cf-bgj
h2pri
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6046
last-modified
Fri, 20 Mar 2015 19:58:02 GMT
server
cloudflare
etag
"550c7bca-179e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efde3b47715a-YUL
expires
Sat, 12 Feb 2022 17:17:01 GMT
elusiveicons-webfont.woff
wall.alphacoders.com/elusive-icons-2.0.0/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wall.alphacoders.com/elusive-icons-2.0.0/fonts/elusiveicons-webfont.woff?v=2.0.0
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/elusive-icons-2.0.0/css/elusive-icons-v2.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.71.114 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns537837.ip-144-217-71.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
91ae80f6f7052ffca5f547838af6d98e13939d6858f8a57c2ace77499697fd62

Request headers

Referer
https://wall.alphacoders.com/elusive-icons-2.0.0/css/elusive-icons-v2.min.css
Origin
https://wall.alphacoders.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Fri, 14 Jan 2022 12:41:10 GMT
last-modified
Wed, 15 Dec 2021 18:13:39 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"61ba3053-beac"
content-type
application/font-woff
cache-control
max-age=1209600, public
accept-ranges
bytes
content-length
48812
expires
Fri, 28 Jan 2022 12:41:10 GMT
thumbbig-917748.webp
images2.alphacoders.com/917/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.alphacoders.com/917/thumbbig-917748.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
235845fba5a425cf4b3083cda28810069f328e11cd71e33b02a9b0e59e2c5976

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 21:06:10 GMT
server
cloudflare
etag
"60b15b42-9a1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdeaa467156-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39450
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-940628.webp
images.alphacoders.com/940/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.alphacoders.com/940/thumbbig-940628.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe96e049095eb1f4ac1aeb54b92c03f71d9aa8a0d3643ef35191302a7864f9a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 14:09:03 GMT
server
cloudflare
etag
"60b0f97f-8442"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdeabaf715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33858
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-945393.webp
images2.alphacoders.com/945/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.alphacoders.com/945/thumbbig-945393.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
697e8ccc1586d0b981a08ff820403c24ed2f1fa83862fdea36b7e834cd7a2dc2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 12:46:39 GMT
server
cloudflare
etag
"60b0e62f-8e18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdeaa487156-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
36376
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-1046093.webp
images.alphacoders.com/104/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.alphacoders.com/104/thumbbig-1046093.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5bb6806f900dfe1a9487808c92dffd66490da46cab99afd2c3b005086ce9a50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 06:15:42 GMT
server
cloudflare
etag
"60af390e-ace8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdeabae715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
44264
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-946526.webp
images2.alphacoders.com/946/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.alphacoders.com/946/thumbbig-946526.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe83916fcd7d4c761fdba30973be64a77f54e78daa4a5b1b537f60cc9ef2e8df

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 12:28:20 GMT
server
cloudflare
etag
"60b0e1e4-7f40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdeaa4a7156-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32576
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-916483.webp
images5.alphacoders.com/916/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images5.alphacoders.com/916/thumbbig-916483.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa3e87dbff2db383f7e72a575e72aeb99b34e2b7e1593e2cae58c9a268298579

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 21:34:57 GMT
server
cloudflare
etag
"60b16201-a566"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdea8977136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
42342
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-946546.webp
images8.alphacoders.com/946/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images8.alphacoders.com/946/thumbbig-946546.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32a0e84c5f8846e4bca9b38e9b05609ac5b1afaeff9344064d172e0e584ee834

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 12:28:01 GMT
server
cloudflare
etag
"60b0e1d1-ede6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdea8907136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
60902
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-946311.webp
images8.alphacoders.com/946/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images8.alphacoders.com/946/thumbbig-946311.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
237574c1e0ec7cf1ebbf22f92204a6611bd42ddbb9ac3d8b986deac694244b5c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 12:31:17 GMT
server
cloudflare
etag
"60b0e295-a2f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdea8927136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41712
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-916476.webp
images6.alphacoders.com/916/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images6.alphacoders.com/916/thumbbig-916476.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cb1b5d7d34ca5bbf63dce8094b477a55b96ce64dc47dced76d181976ba248a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 21:35:03 GMT
server
cloudflare
etag
"60b16207-d600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdeb89e7136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54784
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-1056326.webp
images4.alphacoders.com/105/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.alphacoders.com/105/thumbbig-1056326.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd181375189e99e1781d805ce331f361275384a056425f855c2df7cfff71b39

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 03:12:50 GMT
server
cloudflare
etag
"60af0e32-d5d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdeb89b7136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54740
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-916480.webp
images2.alphacoders.com/916/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.alphacoders.com/916/thumbbig-916480.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2ea64b334aaa65f062d5abc47ecc1580422ba79325108b70aa76a1cbb75df47

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 21:35:00 GMT
server
cloudflare
etag
"60b16204-8602"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdeaa4f7156-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34306
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-916474.webp
images8.alphacoders.com/916/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images8.alphacoders.com/916/thumbbig-916474.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032e6bde6bb40a45cc3b37521a431baf04266f10e902dcff903b8a678db7675d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 21:35:05 GMT
server
cloudflare
etag
"60b16209-adb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdea8947136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
44466
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-946307.webp
images4.alphacoders.com/946/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.alphacoders.com/946/thumbbig-946307.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36221de882f3c805484c4ae4ade170f5ff78bee4ab424c97afd89904850f5ddb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 12:31:22 GMT
server
cloudflare
etag
"60b0e29a-25d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdeb89c7136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9686
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-951251.webp
images4.alphacoders.com/951/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.alphacoders.com/951/thumbbig-951251.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ccab3eb7be13c5f2844e83fa9bf2a7168d16643951cee7f774909cd9d81c3b1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 11:14:39 GMT
server
cloudflare
etag
"60b0d09f-b6a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdeb89a7136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
46760
expires
Sun, 13 Feb 2022 12:41:10 GMT
thumbbig-938236.webp
images4.alphacoders.com/938/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.alphacoders.com/938/thumbbig-938236.webp
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4379d396f85d7bee7f6681236ff6d976b8df37ebbf2d5bd4ec7244e7eb3eb3e5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 14:48:23 GMT
server
cloudflare
etag
"60b102b7-c1c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6cd6efdeb89d7136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49600
expires
Sun, 13 Feb 2022 12:41:10 GMT
pubads_impl_2022011002.js
securepubads.g.doubleclick.net/gpt/ 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 18:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65379
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121009
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 13 Jan 2023 18:31:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		165 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wall.alphacoders.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
bdb86a90b4fc73a590adb2e3c5cac4c0b535962dcf0f4517d6371760dc6aeb89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
expires
Fri, 14 Jan 2022 12:41:10 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HL65XQTV30&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-281956-21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b97b2a243716415e0729526a1b9c200df867522b982144085c0b465157453f1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62569
x-xss-protection
0
expires
Fri, 14 Jan 2022 12:41:10 GMT
collect
www.google-analytics.com/g/ 		0
174 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-HL65XQTV30&gtm=2oe1c0&_p=1032131484&sr=1600x1200&ul=en-us&cid=1566614475.1642164070&_s=1&dl=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&dt=110%2B%20Shadow%20of%20the%20Tomb%20Raider%20HD%20%D0%9E%D0%B1%D0%BE%D0%B8%20%7C%20%D0%A4%D0%BE%D0%BD%D1%8B&sid=1642164070&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HL65XQTV30&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wall.alphacoders.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-281956-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
11
date
Fri, 14 Jan 2022 12:40:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 14 Jan 2022 14:40:59 GMT
hbw_master_309851_7594.js
player.hb.selectmedia.asia/prebidlink/456156/ 		152 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hb.selectmedia.asia/prebidlink/456156/hbw_master_309851_7594.js
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/wrapper_hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
32f2b21bb95da903dbeeaf23f2faf4696a66b61165221deeed62b69e47f97b95

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 17:03:15 GMT
server
nginx
etag
W/"61e05b53-25e68"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Fri, 14 Jan 2022 13:41:10 GMT
config.json
player.adtelligent.com/exchange_rates/305666/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/305666/config.json?cb=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
f0b48d53619eb041b8dcfe858927602fd4df76501a5077b458094a66ab4494df

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
last-modified
Fri, 14 Jan 2022 12:01:07 GMT
server
nginx
etag
W/"61e16603-67dc"
content-type
application/json
access-control-allow-origin
https://wall.alphacoders.com
expires
Fri, 14 Jan 2022 13:41:10 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
/
ghb.hb.selectmedia.asia/geo/ 		127 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hb.selectmedia.asia/geo/
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hbw_master_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
87f0a47edd31591379b61cd2dbd8b1814e23c90f7d8b10fa0ab30735a01db846

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://wall.alphacoders.com
Date
Fri, 14 Jan 2022 12:41:10 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
127
Content-Type
application/json
tracking
ghb.hb.selectmedia.asia/adunit/ 		43 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hb.selectmedia.asia/adunit/tracking?event=11&type=0&client_id=309851&site_id=7594&full_page_url=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&adid=ee369f.ke&features=32&vpbv=N042&lifecycle_tte=616
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hbw_master_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://wall.alphacoders.com
Date
Fri, 14 Jan 2022 12:41:10 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
j.html
p.deliveryapis.com/prebidlink/19006/ Frame 1D83 		1 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.deliveryapis.com/prebidlink/19006/j.html?i=11597
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 16 Sep 2020 14:50:15 GMT
etag
W/"5f622627-434"
cache-control
max-age=3600
content-encoding
gzip
expires
Fri, 14 Jan 2022 13:41:10 GMT
access-control-allow-origin
*
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1032131484&t=pageview&_s=1&dl=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&ul=en-us&de=UTF-8&dt=110%2B%20Shadow%20of%20the%20Tomb%20Raider%20HD%20%D0%9E%D0%B1%D0%BE%D0%B8%20%7C%20%D0%A4%D0%BE%D0%BD%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=712966480&gjid=2145971874&cid=1566614475.1642164070&tid=UA-281956-21&_gid=184160088.1642164071&_r=1&gtm=2ou1c0&z=1793700676
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wall.alphacoders.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-281956-21&cid=1566614475.1642164070&jid=712966480&gjid=2145971874&_gid=184160088.1642164071&_u=YADAAUAAAAAAAC~&z=1663387757
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::9c Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 14 Jan 2022 12:41:10 GMT
content-type
text/plain
access-control-allow-origin
https://wall.alphacoders.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pbm_307825_11597.js
p.deliveryapis.com/prebidlink/19006/ Frame 1D83 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.deliveryapis.com/prebidlink/19006/pbm_307825_11597.js
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/19006/j.html?i=11597
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
903216b8bc379bba8176939da20d0a59a2031a0b2cce91e717cf180d09204f2f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://p.deliveryapis.com/prebidlink/19006/j.html?i=11597
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 16:39:55 GMT
server
nginx
etag
W/"61e055db-7ec2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Fri, 14 Jan 2022 13:41:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=55&alt_size_ids=57&eid_pubcid.org=5a473504-07bb-4346-a927-ecc7c6db181c%5E1&rf=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=1d04b446-ec9a-4a04-89f4-5b663d1bb569&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.038053439170461
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
70d1249dd65ef49fd2803818fc81ed23f11f9f205b252641ba7ac6f00a7f24c0

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 12:41:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wall.alphacoders.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=55&alt_size_ids=57&eid_pubcid.org=5a473504-07bb-4346-a927-ecc7c6db181c%5E1&rf=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=0fa3fa19-2e53-476a-b7b9-b16536c9be94&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.35488864692411415
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a04b59a04eb1cd8d6c291a226865a5b49d9279adcf8483629fe31b3cbdd402a1

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 12:41:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wall.alphacoders.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
adtelligent-d.openx.net/w/1.0/ 		172 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1d04b446-ec9a-4a04-89f4-5b663d1bb569%2C0fa3fa19-2e53-476a-b7b9-b16536c9be94&nocache=1642164070756&pubcid=5a473504-07bb-4346-a927-ecc7c6db181c&schain=1.0%2C1!adtelligent.com%2C309851%2C1%2C%2C%2C&aus=970x250%2C970x90%7C970x250%2C970x90&divids=div-gpt-ad-1641447560680-0%2Cgpt_unit_%252F4594367%252Falpha_coders_infinite_scroll_0&aucs=%2C&auid=541177132%2C541177132
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e1982f3ce9bee4ad60f0a90a19efd3e04f8a9be9b1ca85079186a9a01dacca1b

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wall.alphacoders.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wall.alphacoders.com
date
Fri, 14 Jan 2022 12:41:10 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cygnus
htlb.casalemedia.com/ 		37 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2210265b822a4aa04%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.7.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221189ebbebcd9907%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225a473504-07bb-4346-a927-ecc7c6db181c%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.237.164 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-237-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c4d0507a0dd2bbdb072e29b6c007111b7a69e116c26a64449fed9e84b2df3b6e

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:10 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://wall.alphacoders.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Fri, 14 Jan 2022 12:41:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		471 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0b875e9ccc10752769130c13cda92d5d683e52d85af1debb657e9793c9318c4d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 12:41:10 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 639.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
00881f0a-0e5c-4d23-9d30-5edb29936bc9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wall.alphacoders.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
471
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		112 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aTa9Fs3kCr6PSMaKlId8sQ
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
26f91b5ac07a14c5e973fac6c1a8dc4cda4a7f305f18c013274e8d621e117fce

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wall.alphacoders.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		112 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cgNLOOczKr66P8aKlId8sQ
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
26f91b5ac07a14c5e973fac6c1a8dc4cda4a7f305f18c013274e8d621e117fce

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wall.alphacoders.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		112 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cgNLOOczKr66P8aKlId8sQ
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
26f91b5ac07a14c5e973fac6c1a8dc4cda4a7f305f18c013274e8d621e117fce

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wall.alphacoders.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d5d017575e55082f3407586007b&pos=8a969d5d017575e55082f342f546007d&cmd=bid&secure=1
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1a43eae79660672e4a1fbaaf2bd7d823b8f86e6d215686668063325cda16fc45

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wall.alphacoders.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d5d017575e55082f3407586007b&pos=8a969d5d017575e55082f342f546007d&cmd=bid&secure=1
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
38690ddac718aa545df4ed2d21217f0d1f533c4ed17a84d0043b555a8e41ffbc

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wall.alphacoders.com
access-control-allow-credentials
true
content-length
62
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wall.alphacoders.com
date
Fri, 14 Jan 2022 12:41:10 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cygnus
htlb.casalemedia.com/ 		21 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=567515&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2231305640106d753%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%226.7.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22err%22%3A%7B%222%22%3A5%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2234d9059b90486fc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22567515%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22567515%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22395d32066d2c877%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22567515%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22567515%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22selectmedia.asia%22%2C%22sid%22%3A%225f0efef38bbf6f6bc621f9d5%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225a473504-07bb-4346-a927-ecc7c6db181c%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.237.164 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-237-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec2d889e42ca874373ee700e0aa44b904ddd761029dadd80ed6e8dbf3d601241

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:10 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://wall.alphacoders.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
21447
x-ak-client-geo
19
expires
Fri, 14 Jan 2022 12:41:10 GMT
auction
rtb.adxpremium.services/openrtb2/ 		0
0
prebid-request
onetag-sys.com/ 		15 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://wall.alphacoders.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ 		94 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.7.0-pre
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
48c6607a623bfae7b06f7b091e7749516a95944fd9d8252a339901aa82d98ef0

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 14 Jan 2022 12:41:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://wall.alphacoders.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20598&site_id=354498&zone_id=1888748&size_id=55&alt_size_ids=57&rp_schain=1.0,1!selectmedia.asia,5f0efef38bbf6f6bc621f9d5,1,,,&eid_pubcid.org=5a473504-07bb-4346-a927-ecc7c6db181c%5E1&rf=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=1d04b446-ec9a-4a04-89f4-5b663d1bb569&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9383113246288535
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
cd3fcab1cffe6f9960dde9a947be1488fa74ef2988f2f22eb71726bbcea5c8e8

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 12:41:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wall.alphacoders.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20598&site_id=354498&zone_id=1888748&size_id=55&alt_size_ids=57&rp_schain=1.0,1!selectmedia.asia,5f0efef38bbf6f6bc621f9d5,1,,,&eid_pubcid.org=5a473504-07bb-4346-a927-ecc7c6db181c%5E1&rf=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=0fa3fa19-2e53-476a-b7b9-b16536c9be94&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5030758643107729
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
84af7cef078a8aec5cb3a415b9ec9e6af9451e7b39f7e2b61f99bc6cd5b5e72c

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 12:41:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wall.alphacoders.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=50504&zone_id=1893172&size_id=55&alt_size_ids=57&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=5a473504-07bb-4346-a927-ecc7c6db181c%5E1&rf=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=1d04b446-ec9a-4a04-89f4-5b663d1bb569&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6357186819713141
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1506581a322ad385916ec79c63401dce523a3d4c5e1a7440b96f976a06aaa62f

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 12:41:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wall.alphacoders.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=50504&zone_id=1893172&size_id=55&alt_size_ids=57&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=5a473504-07bb-4346-a927-ecc7c6db181c%5E1&rf=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=0fa3fa19-2e53-476a-b7b9-b16536c9be94&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.16828430136114614
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
73448e08e8e7f6e8f9abc67b4309ba87c1d7e40150bddcdb38f0072bb89a0188

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 12:41:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wall.alphacoders.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wall.alphacoders.com
date
Fri, 14 Jan 2022 12:41:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ROS
pbjs.e-planning.net/pbjs/1/2e43c/1/wall.alphacoders.com/ 		2 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2e43c/1/wall.alphacoders.com/ROS?rnd=0.6298125632932845&e=970x250_0%3A970x250%2C970x90%2B970x250_1%3A970x250%2C970x90&ur=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&pbv=6.7.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&e_pubcid=5a473504-07bb-4346-a927-ecc7c6db181c
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.126 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wall.alphacoders.com
date
Fri, 14 Jan 2022 12:41:10 GMT
access-control-allow-credentials
true
server
openresty
content-type
text/plain
content-length
2
x-sid
IAD-1219
prebid
ib.adnxs.com/ut/v3/ 		262 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9f37866ff681b5938b52b9848d04a603727e84e64aa395adadc4ce65569641b7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 12:41:10 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 639.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
62c2ed1f-5e8c-4964-ac74-6913ba4e1393
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wall.alphacoders.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
262
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=65999199513
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://wall.alphacoders.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
adjson
ads.betweendigital.com/ 		2 B
916 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wall.alphacoders.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wall.alphacoders.com
date
Fri, 14 Jan 2022 12:41:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
ghb.adtelligent.com/v2/auction/ 		711 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
f60f4f432b29e8e7b604ece0d42301f619383f6455f0362ada907edba35d0b03

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 14 Jan 2022 12:41:10 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://wall.alphacoders.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
334
c
prebid.a-mo.net/a/ 		0
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wall.alphacoders.com
date
Fri, 14 Jan 2022 12:41:10 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/ 		94 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.7.0-pre
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
c353712a178e437586586c7df4df1f72a6a4326e86253f70c8865b241b8a507a

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 14 Jan 2022 12:41:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://wall.alphacoders.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
csyncs
ghb.hb.selectmedia.asia/ 		441 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hb.selectmedia.asia/csyncs?aid1=547532&aid2=547533&aid3=undefined
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hbw_master_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
63f89fea60bbfdd65baaf8b1d1ccb9779cf18b3dff20a26ebc83680d2a27cc38

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 12:41:10 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://wall.alphacoders.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
282
tracking
ghb.adtelligent.com/adunit/ Frame 1D83 		43 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?pubbid=0&event=11&full_page_url=https%3A%2F%2Fwall.alphacoders.com&adid=1d93605ff474cc&vpbv=M055&client_id=307825&site_id=11597&lifecycle_tte=261
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/19006/pbm_307825_11597.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://p.deliveryapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.deliveryapis.com
Date
Fri, 14 Jan 2022 12:41:10 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
/
ghb.adtelligent.com/geo/ Frame 1D83 		127 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/19006/pbm_307825_11597.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
87f0a47edd31591379b61cd2dbd8b1814e23c90f7d8b10fa0ab30735a01db846

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://p.deliveryapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.deliveryapis.com
Date
Fri, 14 Jan 2022 12:41:10 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
127
Content-Type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 1D83 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/19006/pbm_307825_11597.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7a5df94e1ccbbef8e63969742fa5cfeee8bbcd820a4f270a1b051425fab9baf0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://p.deliveryapis.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 14 Jan 2022 12:41:11 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 639.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dd5e7802-219e-4b5d-b3b1-9d27e70845b2
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://p.deliveryapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 1D83 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.22&cb=15284070948
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/19006/pbm_307825_11597.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.deliveryapis.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 14 Jan 2022 12:41:10 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://p.deliveryapis.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid-request
onetag-sys.com/ Frame 1D83 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/19006/pbm_307825_11597.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.deliveryapis.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://p.deliveryapis.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1D83 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/19006/pbm_307825_11597.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.deliveryapis.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://p.deliveryapis.com
date
Fri, 14 Jan 2022 12:41:11 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
auction
rtb.adxpremium.services/openrtb2/ Frame 1D83 		0
0
1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=af36c04a184a6a7c
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=af36c04a184a6a7c
Protocol
HTTP/1.1
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 12:41:11 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=af36c04a184a6a7c
Date
Fri, 14 Jan 2022 12:41:10 GMT
Server
VertaMedia 1.0
Etag
af36c04a184a6a7c
Content-Length
0
csync
sync.adtelligent.com/
Redirect Chain
  • https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=324902&extuid=a9510182358aa5d69146
0
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=324902&extuid=a9510182358aa5d69146
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 12:41:10 GMT
Server
VertaMedia 1.0
Etag
af36c04a184a6a7c
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:11 GMT
server
Hybrid Web Server
location
https://sync.adtelligent.com/csync?t=a&ep=324902&extuid=a9510182358aa5d69146
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
116
content-length
0
x-xss-protection
1; mode=block
expires
-1
multitracking
ghb.hb.selectmedia.asia/adunit/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hb.selectmedia.asia/adunit/multitracking
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hbw_master_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://wall.alphacoders.com
Date
Fri, 14 Jan 2022 12:41:11 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
mut
ghb.adtelligent.com/adunit/ Frame 1D83 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/19006/pbm_307825_11597.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.deliveryapis.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.deliveryapis.com
Date
Fri, 14 Jan 2022 12:41:11 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wall.alphacoders.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 12:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		37 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1312413844531790&correlator=1118185567101597&output=ldjh&impl=fifs&eid=31063377%2C31064083&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=4594367%2Calpha_coders_top_center%2Calpha_coders_infinite_scroll&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=970x250%7C970x90%2C970x250%7C970x90&prev_scp=hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1641447560680-0%26is_vmhbmp%3Dtrue%26hb_override_id%3D2446385%26hb_buyer_id%3D15551%26hb_r_id%3D34d9059b90486fc%26hb_site_id%3D7594%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.03%26hb_adid%3D991716576197259%26hb_bidder%3Dix%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Dgpt_unit_%252F4594367%252Falpha_coders_infinite_scroll_0%26is_vmhbmp%3Dtrue%26hb_override_id%3D4014262%26hb_buyer_id%3D15551%26hb_r_id%3D395d32066d2c877%26hb_site_id%3D7594%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.03%26hb_adid%3D98c4b09782b9034%26hb_bidder%3Dix%26excl_cat%3DPREPOST&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1642164072&dt=1642164072798&dlt=1642164070014&idt=356&frm=20&biw=1600&bih=1200&oid=2&adxs=315%2C315&adys=415%2C7040&adks=3240736744%2C2617088365&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&vis=1&scr_x=0&scr_y=0&psz=1600x280%7C1600x300&msz=1600x0%7C1600x0&ga_vid=1566614475.1642164070&ga_sid=1642164073&ga_hid=1032131484&ga_fc=true&fws=0%2C0&ohw=0%2C0&btvi=0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
5b50363b5cf49656e8e8d78aa22f8cc49a52b377150f88915197668256a93ecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10217
x-xss-protection
0
google-lineitem-id
5881028289,5440256832
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377549331,138319356721
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wall.alphacoders.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57017f76fc8c8ee794842ddfd3931d3844a46b81d24503edd8bf21296dc9f96d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 12:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
container.html
56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E587 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 14 Jan 2022 12:41:12 GMT
expires
Sat, 14 Jan 2023 12:41:12 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:12 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Jan 2022 12:41:12 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8A73 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/19006/pbm_307825_11597.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://p.deliveryapis.com/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 14 Jan 2022 12:41:12 GMT
Age
21885409
X-Served-By
cache-lga21960-LGA, cache-yul12823-YUL
X-Cache
HIT, HIT
X-Cache-Hits
263, 301483
X-Timer
S1642164073.864540,VS0,VE0
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame BA8C 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1642164072817
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/19006/pbm_307825_11597.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://p.deliveryapis.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
async_usersync
secure.adnxs.com/ Frame 8A73 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.207 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 12:41:12 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 802.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
b20e27f4-2bdb-4bce-a249-4bfb45eb3c4c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Jan 2022 12:41:13 GMT
syncframe
gum.criteo.com/ Frame 5F84 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wall.alphacoders.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
a06b2069a29e8ec11194fafb2d80577880568e27d910e6eaa67e712a90fbb9bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2081
date
Fri, 14 Jan 2022 12:41:12 GMT
content-length
4160
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:43 GMT
server
nginx
etag
W/"61cc54f3-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Jan 2022 12:41:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AFB0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 14 Jan 2022 06:14:44 GMT
expires
Sat, 14 Jan 2023 06:14:44 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
23189
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4583 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
30718b4ce10a9ba6c7f2a1727a7c5164d8b97c998edf3cff19380c3e465cc525
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AUCY96lBmLDh5pL7c1hu7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 14 Jan 2022 12:41:13 GMT
date
Fri, 14 Jan 2022 12:41:13 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-AUCY96lBmLDh5pL7c1hu7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame AFB0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 02:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
208682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 02:43:11 GMT
tags.js
tags.expo9.exponential.com/tags/AlphaCoderscom/ROS2/ Frame B459 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.expo9.exponential.com/tags/AlphaCoderscom/ROS2/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:517 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2306
x-function
151
last-modified
Wed, 11 Aug 2021 04:08:51 GMT
server
cloudflare
x-reuse-index
5
etag
5909443542969422214
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, public
cf-ray
6cd6eff18d264bca-YUL
expires
Fri, 14 Jan 2022 13:41:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B459 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Jan 2022 12:41:13 GMT
container.html
56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0437 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 14 Jan 2022 12:41:12 GMT
expires
Sat, 14 Jan 2023 12:41:12 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame B459 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9NjHU0S7ApeJn7Panwc32L909jyYIgkUsfmT2XFHwiXZ34S1ddFaYj15BBZ632Akg5EQMU27_EmOYzFL6F7iTawkyLVpRh9wORrgpOAzMXrO2422ZXUqQ3faXEUj_BgE2G-paY9XcZ96qr-w_vzddOKOBJHkGaWWqqcm_lRbX6H22ion8XClqawSDrNvZ2fm5kIJLpqQt1EWlykQg7JJrWh7l5eiUCjiWk4mQHKtf0Eq0cX5bF5tFalskL3iH2EAERaKZwotmJIlR6jSo0Ngaw--mzqhj19XhnnVR3D953E8iAIRMHk7-hRoecAA90gCdZVsvVChr3s8dLDr2IU9btVJLMtg&sai=AMfl-YQ7DPpUO01sSAgketkcrWZYZGemQF9-PpdFD1uhETb-yof7tBw8O7HNiDaT52m0q7lkTjuO2q4vOqxRJoIuIitAbcQguKYDUV0DuHeK4pOU5t0RJhd1HgTtiW1bnWZ9&sig=Cg0ArKJSzHwLuNmrDQ81EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 12:41:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 14 Jan 2022 12:41:13 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4583 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=1312413844531790&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0437 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com
URL: https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 18:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 12 Jan 2023 18:49:22 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 0437 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com
URL: https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12211
x-jsd-version
1.13.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19140-FRA, cache-yyz4525-YYZ
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6cd6eff20b907151-YUL
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0437 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com
URL: https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Jan 2022 12:41:13 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0437 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7kx5HwEKPV8j1qJSqcLO3A4w-Yid7Iw0OSi1vQkzU22gWQfTxKh96dmsWZ2r0n2QH4Pb0CM-8IXgOsnCB2Z7E_96E7S0xY8squKGLJWih9rUgnb5Oqlzo9EEGDaMswAK3iXfSc7bDUaarRMq11ykVJD2udu6UaQk0Rmseew_Rx6Hd9qMHqrYw75H5G1mfbkEbMVIpUumXucCdg_6dAhj3aP6WMU9O0BNGP2rjf65ElXjMW_402tt1g_8ZuIywdEKL3nEHPOYl18qz_W8uuBgM_8_g_ROf2nIUnBbVRyXX9S_eBYTh_g0_nhAj50bvDiglhEpvDmDRLqqpZFaLmw&sai=AMfl-YRkWZEaExzaMBkgoljRxjfcKsuEc6csgu0osc4iAqS9Ii71h4hjPWrvLz_OCTbEHreTxjFFKK0NZTPHHq4zd6EeqhGbGI0W1LF-oWsUGMeAY_cRVxpb_0P_nqJb2nfW&sig=Cg0ArKJSzCGR-W6-Lqv9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: 56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com
URL: https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 12:41:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
generate_204
tpc.googlesyndication.com/ Frame AFB0 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gcE7_g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sid
mug.criteo.com/ Frame 5F84
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=alphacoders.com&sn=ChromeSyncframe&so=0&topUrl=wall.alphacoders.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=-8d77HxvM2U1dGZhM3hzcmRlcGwxUnd3ZWxBTFdoWkkzbjZPeVBnaDhubU5MWTNJeTFNQjAzdjgxS1l6QWNQTUswOGZuMkdTc0gwakZFRVZsUHc0dWFad0krYXZOR25tOUpxYXh3SUlLSUFCZzFhU0NDKzZlVmp6dC9vcW...
422 B
631 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=-8d77HxvM2U1dGZhM3hzcmRlcGwxUnd3ZWxBTFdoWkkzbjZPeVBnaDhubU5MWTNJeTFNQjAzdjgxS1l6QWNQTUswOGZuMkdTc0gwakZFRVZsUHc0dWFad0krYXZOR25tOUpxYXh3SUlLSUFCZzFhU0NDKzZlVmp6dC9vcWNLV2lQV2VDWHBKWkQwWE55eEtJN2NCdVhLekhkU004RzFhWU1pN1JROXVIRTN3SG5VSzMwdFFYZHJBYWVOZk9UM3lBQzhwaHNWM0lJcGVOaTBvS1dsRTI3UlUvWXU3OVpOaHJoQURFcGNLYUNGWnUyUUlRMW5Pa3l5SlpXTlNueXJWdldaK1Z3WWIyTHdabEZ2dnVjbXMrMHErQk1PQT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
7e94c765920278a55ca16a0bb9f68b4270424b97b91e1dc0871d25c82b1c41d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:13 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5048
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:12 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=-8d77HxvM2U1dGZhM3hzcmRlcGwxUnd3ZWxBTFdoWkkzbjZPeVBnaDhubU5MWTNJeTFNQjAzdjgxS1l6QWNQTUswOGZuMkdTc0gwakZFRVZsUHc0dWFad0krYXZOR25tOUpxYXh3SUlLSUFCZzFhU0NDKzZlVmp6dC9vcWNLV2lQV2VDWHBKWkQwWE55eEtJN2NCdVhLekhkU004RzFhWU1pN1JROXVIRTN3SG5VSzMwdFFYZHJBYWVOZk9UM3lBQzhwaHNWM0lJcGVOaTBvS1dsRTI3UlUvWXU3OVpOaHJoQURFcGNLYUNGWnUyUUlRMW5Pa3l5SlpXTlNueXJWdldaK1Z3WWIyTHdabEZ2dnVjbXMrMHErQk1PQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1966
content-length
541
expires
0
tags.js
s.tribalfusion.com/real/tags/AlphaCoderscom/ROS2/ Frame B459 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/real/tags/AlphaCoderscom/ROS2/tags.js
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/AlphaCoderscom/ROS2/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a860237fd3ee3aaa8dd6376d9135ecf9961f884a42b5c3ac138f10afb4d6dc8a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14155
x-function
151
last-modified
Wed, 11 Aug 2021 04:08:51 GMT
server
cloudflare
x-reuse-index
44
etag
14486810214222420345
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
6cd6eff29829713e-YUL
expires
Fri, 14 Jan 2022 13:41:13 GMT
truncated
/ Frame 0437 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdf7870968e2a6bd2f1c8f0d55802edd2ebec630a86730ba6663b29d55d42712

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0437 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstb67tR1ltU6EV1UjdA4f3kLMReegtkNV5CK5w2ZIN1Wr3pzQf_U015eTF4_RvJOrRpLcgR46FJqYcmMIjh2Hc3o3QKOe-E2RsOUqPYot4ziC2R9LfdswY9BURcoYwAZIQymQaKHVHcrCHbN2kUIokaoArcEN_8-JKU5gqra06zvz54EWNzdUKRyDHlu5oTmdWzwUvuda5TeTguC-JTuMYjEAINVg2a1_eqoAWBGs_ERCmqqgyKUgnzoFZ3Z-R4TOumijzc_69-UF4LoqOvdy-O_U8IIrW8Z-WJGQGO5jMwjg78n7Gcj5j_Rfa6pWzhoiZdsSsEWySLlfljvvWL7TIc&sai=AMfl-YQsJHtINCzBLaMFMadASICdyyx-IA8oxhFdzw11sZ-4bJL1-3XB793tcZllf6yfHmnSPjuVIihEByu64rbUHr8hSCtrk24M_ljOdQQrGqOvx789RbJ3cXDKpgw-N7Mk&sig=Cg0ArKJSzCloVFWvqA5iEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 12:41:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 14 Jan 2022 12:41:13 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F2B8 		663 B
748 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCEMHGmI0DGLu4sL8BMAE&v=APEucNXbYRX9cHTm7xsgYSH-EayhD4tzeb8QUYBcEfC4eOgddm50wRhLzLOlJqgqh9iRUcY1S7nRMMF7htUJNXypsaKJ-wrjMw
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 14 Jan 2022 12:41:13 GMT
server
cafe
cache-control
private
content-length
292
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 7376 		52 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFJ8WQGNV2BSGZNihwPVm1U0Gs9X_y7Ff765Ks7LDO18ob2Aw7lBOEgYmvO5NeCxeN4EdiRN0ni75exFuvYpfJ-0TPhzHix1tkMZ-mAmxHERCHCUJkm2DHeAu9-GR06hCDJLJkMvTHp1vbKjMk5lNSn0ap5Q&cry=1&dbm_d=AKAmf-Bi-VnSFbmeKd71gOqUHn9K1J4q43ucgUyKRWup0012ELG4eXOM3gLdor1_tDYFtuDMcEb7S3j34U4dbWWMlPGM1ke-Ftn9q4Vo5SBTKfzi98Hwb_McoNj3rIvsAlrQVnhknQLH578LaCTwP9QF0ionCjl01ftVBVRj-wTefahYYGO62lf1USenQBcY_E7uTWnYzuGm6KvZIwnRien4k58W-iy8h6ubCjJ1BMqEzOKWw3dIaE3jepqmdjbfNZ4Pqymz9dSuT5BJ3Rjw3ziezN0Gz3KP5ivB7Rj0Z0yalhabMG0xV7Ke3lMRCHzG1f9JryrDVpwp5sX5FVdm7Jh1bLQyhm_f9DbPa2WfRnKJUOxsYAokvDNeo_9Wi9XAJy0QF9Fo21TL7vwsuIhqLOs41Rle6KhF33B3livEe75Psh1DKTKJL3s1GWQly1_MnkjWoGghUFl0Xw7wXJ2p0oKsyKa6U0beGjfXRIn93AIIeS0A2MvN9AcT8kKk13fD6E0dm9QYuqd-xpfgAH2fR1wOiSG7oNLhhgKGEuOaljFXP7RKDbNrebN-hzvklbD1DaLxHWQVyZ824tj6EobbwSSS1m-dYslTpe1beMshubih41p4XlNV8HY-hsYISWHtGt9U-s-NtPWgDsooIGe3_WN2F71UOQXLI-jHbYhR-_VBckb9z2obhhT4OMI0X7S7UY1a4FhrA8Jko2FrltsbIo_kljqV6LyIFSnJAj-AtCHbHlHoXFYtq6W-Muqvd8E5O4AmtWcicyM4u1KXTMAK_gXzV6oqA3IBS7dZQoxWOiv238o_WdSRIYWtafAoMXyfzyFS0zzvfkLYKPnmqZCHLDbTNXLUwX2J-6hPmtooJSfMGGiosV2skJV5V-hGlKC57VYU9znI1hQMcSEQue1DOd_wBTjhzdnHwr80JuxVxeHoa6eY_SI8PueNo_PjhwfIClqjPLa0RT7DE04BsdVfhg0GlzPspuW7k-CVvVzGCyxOtxfy5eEyndg30EisFsM911xKSjsFTNLFidb5PgQfvk2SCYo-cK-SHMPiO039iU9zBsEjApMKJ9UEJ-g1NpaXCWld2Me-EM_IrSL893rmyIpfCJThgqTUSp0zEZyTrcRhvwWQ8ZKRl1dKQMmTu0w1EeXBpnRmqQq1HxpPagfUvz2LN2XGoiPL9GFLCvoto-4smXdNlaf27zdiEn7oOBkuwxbiT1XN42mmmDjtiJF4Y98pg-pmxsC5QcPa4oOYeHJGL_q6TaHg5S16HolGwkCg5EZWnbKTVrBv-U2nh3OsSQw48xWENsoeq8ohO7ees9JaxSo6vi5ewlR7NO9H_tPicb8726LEr9ym3hml-mQW9d4PT4fXB6X0cjUDab6TJVk2kXKD1FuYcGbBtrmjYkcq2mnqDTOFKOhDC1wqY_QItSILsmGhiTUFzryFtRFZ-T8g76iHcXob4kl1UOYLuqLisEv6j0n17Ky3-aDafvHNaE99im7TqIP_btIepu85OB8Hdr7UqtcleS0I38M4ZTzhhjM5DtUq8A0E-h5025YCJ-VmJhegSCwAJzpuXHSzjSjbTWrfVbYIYpWjFvVrEKhE13YgcyaRsSJM1QJg-xPqaOSr-GIOnqWLEzaGXOJSB6O8jOxgxL_BbyUZQL3g_WWP9J6wGxfMXZVVTu4NAzeCVDWzmSU5x_tr68VleYAdVYMAk4vbawV2Z-FZyH0Os4D_cUxQuDGcBF82rxS-WWxCFq9Rgza_x9O7OZdjWDq6Xalh15HuO4PhMILXUoPKsQMtHCmY6sSD9RX7Hcfl4KALN51CgsRgPoe6jE58hoEr0VCsL2nrnu53QcJEDTmNTRGaGD-lb82IUJq46YJvHXhhq4Mn5ztXh0i-afdCp7qONpley5xF44NzUtkJOecSH-t9T5f5PhBuqv8EsAxkthDRsF3OrR-jnS7sxYb_sVasZ-0e7H6tslvj8zCW17mvX6vyHI_HBS4UmAdMupOEgynkuDj1VaQ5bm-z5NwpTivqUGyDGJx81irl3N0BqUtF8DT0vb6WqYcD48myQ--lHKH3qiSSnmpIqfEqkf3CWQlTUs9KHZfL2I4nKR_5LRDllWsZUjy_oIqE7iIlC8HSm8cas2JX-Xn-zIA-6gQvYUMNIVm1oW2fkkEQo2Yp0L3kUxOAM-_K7kFChKKuqzUc07sDokQ6o0oNrF2Xy-Co962PThF28jX_kDcHZuRPFcDcmlIw5cw__Xjprc2ra8LaVwf7hezxmTSoDyPGPT5qSpuc4qs9XQ6tSAm4LPVqInrFHkGCjBhOJ5eEEfffVsy3DN1n4lxE5q-MuItavGqNFXPmWco6lE-WMuNgY0WJPblByk9Q7CFq-1SZgAXu9o_JTeP99AP9ewvy7Idooc4K5gxMdPPq1lPV0wbxDylETIpcmQCzTzvSoQN6Nl0zd-Qshu-wjUPNkztm68B7rhkJV4jQ0VcinbaswpAJyftBcvCLEEJo0E-I-mpDQhTyzcSwBiMsQrLok8NVVmGldGOHZ8l57UV_RMOlfj7pzZRYsC6eI6iNDtzSGNb8I_0H2P90bSRfUY6PLSSviQq2Ni2F9Jolk7G3Y9YO20j_f9NmssjTiwL7OPExzZnTXggHTBYEE9iE156S5xpw-YiUAGzV_JqEueH16oLGzGi0zquk0AdsTK5sfrhTFFcHjPFlA30VGCy7pdDYl3xaJt6O9rcTUVhIrQshOGP-Zvre15vomm7GbDSHBevOyVVq8BHxux5fKdewO1uDnoEq12GY3L4Ob9K651wiLdS3syZVqyMEBtpr1Kp3gefeTTcRLU2_qAVqexz5uFi85FW8vfOmh9OMq7CEI74Q06bgSTcjMpD0aV98dp3nv682Mvyz6ofB2EJkTXfPnBVIUMrRjSE50HyRAGtLPa6rddhZsDDR7XL5FK2FOFtmvW2VcRnFc0vUaQz3fyysQRAErRcBuYhV6FoTxYYqY8x9ewVuJBxMMm9lztWOs3vXugQ5k1xnQOfda1o90jn7l_bG_CJGAVDzfsaloDC0J-triuZao4_cDYI3VvjMDc_hkb1UJAL2iQwggmKArPuLPUlx_0i9-NZkSg&pr=13:YeFvZgAAAACeNY3aP9Jet777f4ZwSMOe_nxDFg&cid=CAASBORoxys&rfl=2%2Chttps%253A%252F%252Fwall.alphacoders.com%252Fby_sub_category.php%253Fid%253D289267%2526name%253DShadow%252Bof%252Bthe%252BTomb%252BRaider%252B%2525D0%25259E%2525D0%2525B1%2525D0%2525BE%2525D0%2525B8%2526lang%253DRussian%240
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af059126fd18022f9325df970fe7bc24000454a78f242df8687dcc5c019495c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25090
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
a475.casalemedia.com/impression/ Frame 7376 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a475.casalemedia.com/impression/v1?bidID=f825a463-86fe-4ed2-97b4-c8715a2c5de1&traceID=c7gmuplrv9eevbeg86j0&dspID=85&userID=&cmpro=0&ap=0.032
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
75.119.185.147 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 12:41:13 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7376 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-YCULHtjmFIOMAqLqfFe1fuEb2LZDnELhS55qwoL6HdRNvpxvOKmvdqaV3l186dcKXWnO_IT4fyY_xxSlFfF5qjGbvBybBgSg1RMRd7Gn-eIooL4
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=1312413844531790&bg=!AQKlAkbNAAaocxMpqHM7ACkAdvg8WspOvYJwifzR75etgaEfCe1zYSlvq8ktWMgyORGIe8R-xXFITAIAAAC0UgAAAAJoAQeZAt_2a4W13aso-NRlT-5l5LbGQHGiPIdAJ-HmBlPaLT_aYbLRPe_vu-aSkJyzkH67V9yJjsx3vjKIu9YCKYQmTNQm5dvGIR-f_LNdoPZLxrItDAqq8dl2bRb4HCavj-zo22a-JvGEeTUs8PQyucGVGkJF9yWbjfYhT5IyvGJkyY_NNylLN3fT_As14dxSnRMkrB5T4pQxLS50ts6amWVjitd9Mjoe0PrS3XFtUpQ19E_A0-qeqOMyl3TIAbQeOnjsJMAxOfboQ68GOHjzJgyppmN7lBzBn_TVzIUG4HwM0M22K5nGUyf6OEsJchFGbXmqvKKKnKiAXDcSR6EXqjBwrpJprjakqVEA6fPSEHJ_UPK6xb3o77r_5OULdeDAN_AYZSeiuT2T460DJbLbzjQMOWoxN8qp35ZEMkICSULFFJSI0YMrgjZN8G-2kx-zdpfCF4wuJUuNcCacmP_GlG6INcAI0mnDd58ecqoVRsOlHm5S7JuaCbcyhalDJghBak80sBgDNQw1018y5H2RU2BaCDyjBjf5JfRzYufDA0JoqmkeMx2d5ptb-V3O-Xmhhwxzw7il4zqhtQYDEsbRNJjvj58wdyky_6VfxIY0F4GmCaqbl621mpReiVUYUYeUKMkCwl-fhzX3Ue3kdx8Q8covVco3aMDBOXUhYu2wXXCq5jMGLE8v8qsVM9vMyN15MSqo-kOTH4LOkMf11blQQDy3YoAmeNV-kMkyPf9df2cmpQaFdThL4AVNH5ysXtFKQUuWSGI43tHgsQCaXzDMzSJL96vsP7aDmH_Nh4_cKXtj2waIkGsLNoNozNqzXUeqwAi0LMmmasauCiOj0de28qAoGGbnV2nsSOh-yoieBtflyOFty-ek6fGvZZcOHo2ga3NiuzAcYosTGg0NpNVWye2TGLoygddU448Fy8FnfJsvYqZHCaCzgKeOTcSHVd6cdSEFU7ySCqzdOYcO3_PK1MCZuQM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
displayAd.js
s.tribalfusion.com/ Frame B459 		677 B
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.9&th=10806271254
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/AlphaCoderscom/ROS2/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea7cd8ffc2ebe6b49177b383b20d5beba8cd6cb45aa46cd6d655d658de445e2b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
329
x-function
153
last-modified
Wed, 11 Aug 2021 04:08:51 GMT
server
cloudflare
x-reuse-index
58
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
cf-ray
6cd6eff36ae5ca53-YUL
expires
Thu, 14 Apr 2022 12:41:13 GMT
cs
cs.lkqd.net/ Frame F2B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEHyCvwRrwDKQYZfot1twOJ8&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEHyCvwRrwDKQYZfot1twOJ8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCEMHGmI0DGLu4sL8BMAE&v=APEucNXbYRX9cHTm7xsgYSH-EayhD4tzeb8QUYBcEfC4eOgddm50wRhLzLOlJqgqh9iRUcY1S7nRMMF7htUJNXypsaKJ-wrjMw
Protocol
H2
Server
146.20.128.157 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEHyCvwRrwDKQYZfot1twOJ8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F2B8
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=bWo0VnQ1aHJVZUk
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=bWo0VnQ1aHJVZUk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCEMHGmI0DGLu4sL8BMAE&v=APEucNXbYRX9cHTm7xsgYSH-EayhD4tzeb8QUYBcEfC4eOgddm50wRhLzLOlJqgqh9iRUcY1S7nRMMF7htUJNXypsaKJ-wrjMw
Protocol
H2
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 14 Jan 2022 12:41:13 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=bWo0VnQ1aHJVZUk
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
rum
dsum-sec.casalemedia.com/ Frame F2B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPPWcEuZVPfAxfNfs-SpA4Q&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPPWcEuZVPfAxfNfs-SpA4Q&google_cver=1&C=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPPWcEuZVPfAxfNfs-SpA4Q&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCEMHGmI0DGLu4sL8BMAE&v=APEucNXbYRX9cHTm7xsgYSH-EayhD4tzeb8QUYBcEfC4eOgddm50wRhLzLOlJqgqh9iRUcY1S7nRMMF7htUJNXypsaKJ-wrjMw
Protocol
HTTP/1.1
Server
69.192.109.125 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-125.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 12:41:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 14 Jan 2022 12:41:13 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 12:41:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPPWcEuZVPfAxfNfs-SpA4Q&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Fri, 14 Jan 2022 12:41:13 GMT
rum
dsum-sec.casalemedia.com/ Frame F2B8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YeFvaV4TKkZCtr9DqiYr3AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPPWcEuZVPfAxfNfs-SpA4Q&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPPWcEuZVPfAxfNfs-SpA4Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCEMHGmI0DGLu4sL8BMAE&v=APEucNXbYRX9cHTm7xsgYSH-EayhD4tzeb8QUYBcEfC4eOgddm50wRhLzLOlJqgqh9iRUcY1S7nRMMF7htUJNXypsaKJ-wrjMw
Protocol
HTTP/1.1
Server
69.192.109.125 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-125.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 12:41:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 14 Jan 2022 12:41:13 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPPWcEuZVPfAxfNfs-SpA4Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 7376 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFJ8WQGNV2BSGZNihwPVm1U0Gs9X_y7Ff765Ks7LDO18ob2Aw7lBOEgYmvO5NeCxeN4EdiRN0ni75exFuvYpfJ-0TPhzHix1tkMZ-mAmxHERCHCUJkm2DHeAu9-GR06hCDJLJkMvTHp1vbKjMk5lNSn0ap5Q&cry=1&dbm_d=AKAmf-Bi-VnSFbmeKd71gOqUHn9K1J4q43ucgUyKRWup0012ELG4eXOM3gLdor1_tDYFtuDMcEb7S3j34U4dbWWMlPGM1ke-Ftn9q4Vo5SBTKfzi98Hwb_McoNj3rIvsAlrQVnhknQLH578LaCTwP9QF0ionCjl01ftVBVRj-wTefahYYGO62lf1USenQBcY_E7uTWnYzuGm6KvZIwnRien4k58W-iy8h6ubCjJ1BMqEzOKWw3dIaE3jepqmdjbfNZ4Pqymz9dSuT5BJ3Rjw3ziezN0Gz3KP5ivB7Rj0Z0yalhabMG0xV7Ke3lMRCHzG1f9JryrDVpwp5sX5FVdm7Jh1bLQyhm_f9DbPa2WfRnKJUOxsYAokvDNeo_9Wi9XAJy0QF9Fo21TL7vwsuIhqLOs41Rle6KhF33B3livEe75Psh1DKTKJL3s1GWQly1_MnkjWoGghUFl0Xw7wXJ2p0oKsyKa6U0beGjfXRIn93AIIeS0A2MvN9AcT8kKk13fD6E0dm9QYuqd-xpfgAH2fR1wOiSG7oNLhhgKGEuOaljFXP7RKDbNrebN-hzvklbD1DaLxHWQVyZ824tj6EobbwSSS1m-dYslTpe1beMshubih41p4XlNV8HY-hsYISWHtGt9U-s-NtPWgDsooIGe3_WN2F71UOQXLI-jHbYhR-_VBckb9z2obhhT4OMI0X7S7UY1a4FhrA8Jko2FrltsbIo_kljqV6LyIFSnJAj-AtCHbHlHoXFYtq6W-Muqvd8E5O4AmtWcicyM4u1KXTMAK_gXzV6oqA3IBS7dZQoxWOiv238o_WdSRIYWtafAoMXyfzyFS0zzvfkLYKPnmqZCHLDbTNXLUwX2J-6hPmtooJSfMGGiosV2skJV5V-hGlKC57VYU9znI1hQMcSEQue1DOd_wBTjhzdnHwr80JuxVxeHoa6eY_SI8PueNo_PjhwfIClqjPLa0RT7DE04BsdVfhg0GlzPspuW7k-CVvVzGCyxOtxfy5eEyndg30EisFsM911xKSjsFTNLFidb5PgQfvk2SCYo-cK-SHMPiO039iU9zBsEjApMKJ9UEJ-g1NpaXCWld2Me-EM_IrSL893rmyIpfCJThgqTUSp0zEZyTrcRhvwWQ8ZKRl1dKQMmTu0w1EeXBpnRmqQq1HxpPagfUvz2LN2XGoiPL9GFLCvoto-4smXdNlaf27zdiEn7oOBkuwxbiT1XN42mmmDjtiJF4Y98pg-pmxsC5QcPa4oOYeHJGL_q6TaHg5S16HolGwkCg5EZWnbKTVrBv-U2nh3OsSQw48xWENsoeq8ohO7ees9JaxSo6vi5ewlR7NO9H_tPicb8726LEr9ym3hml-mQW9d4PT4fXB6X0cjUDab6TJVk2kXKD1FuYcGbBtrmjYkcq2mnqDTOFKOhDC1wqY_QItSILsmGhiTUFzryFtRFZ-T8g76iHcXob4kl1UOYLuqLisEv6j0n17Ky3-aDafvHNaE99im7TqIP_btIepu85OB8Hdr7UqtcleS0I38M4ZTzhhjM5DtUq8A0E-h5025YCJ-VmJhegSCwAJzpuXHSzjSjbTWrfVbYIYpWjFvVrEKhE13YgcyaRsSJM1QJg-xPqaOSr-GIOnqWLEzaGXOJSB6O8jOxgxL_BbyUZQL3g_WWP9J6wGxfMXZVVTu4NAzeCVDWzmSU5x_tr68VleYAdVYMAk4vbawV2Z-FZyH0Os4D_cUxQuDGcBF82rxS-WWxCFq9Rgza_x9O7OZdjWDq6Xalh15HuO4PhMILXUoPKsQMtHCmY6sSD9RX7Hcfl4KALN51CgsRgPoe6jE58hoEr0VCsL2nrnu53QcJEDTmNTRGaGD-lb82IUJq46YJvHXhhq4Mn5ztXh0i-afdCp7qONpley5xF44NzUtkJOecSH-t9T5f5PhBuqv8EsAxkthDRsF3OrR-jnS7sxYb_sVasZ-0e7H6tslvj8zCW17mvX6vyHI_HBS4UmAdMupOEgynkuDj1VaQ5bm-z5NwpTivqUGyDGJx81irl3N0BqUtF8DT0vb6WqYcD48myQ--lHKH3qiSSnmpIqfEqkf3CWQlTUs9KHZfL2I4nKR_5LRDllWsZUjy_oIqE7iIlC8HSm8cas2JX-Xn-zIA-6gQvYUMNIVm1oW2fkkEQo2Yp0L3kUxOAM-_K7kFChKKuqzUc07sDokQ6o0oNrF2Xy-Co962PThF28jX_kDcHZuRPFcDcmlIw5cw__Xjprc2ra8LaVwf7hezxmTSoDyPGPT5qSpuc4qs9XQ6tSAm4LPVqInrFHkGCjBhOJ5eEEfffVsy3DN1n4lxE5q-MuItavGqNFXPmWco6lE-WMuNgY0WJPblByk9Q7CFq-1SZgAXu9o_JTeP99AP9ewvy7Idooc4K5gxMdPPq1lPV0wbxDylETIpcmQCzTzvSoQN6Nl0zd-Qshu-wjUPNkztm68B7rhkJV4jQ0VcinbaswpAJyftBcvCLEEJo0E-I-mpDQhTyzcSwBiMsQrLok8NVVmGldGOHZ8l57UV_RMOlfj7pzZRYsC6eI6iNDtzSGNb8I_0H2P90bSRfUY6PLSSviQq2Ni2F9Jolk7G3Y9YO20j_f9NmssjTiwL7OPExzZnTXggHTBYEE9iE156S5xpw-YiUAGzV_JqEueH16oLGzGi0zquk0AdsTK5sfrhTFFcHjPFlA30VGCy7pdDYl3xaJt6O9rcTUVhIrQshOGP-Zvre15vomm7GbDSHBevOyVVq8BHxux5fKdewO1uDnoEq12GY3L4Ob9K651wiLdS3syZVqyMEBtpr1Kp3gefeTTcRLU2_qAVqexz5uFi85FW8vfOmh9OMq7CEI74Q06bgSTcjMpD0aV98dp3nv682Mvyz6ofB2EJkTXfPnBVIUMrRjSE50HyRAGtLPa6rddhZsDDR7XL5FK2FOFtmvW2VcRnFc0vUaQz3fyysQRAErRcBuYhV6FoTxYYqY8x9ewVuJBxMMm9lztWOs3vXugQ5k1xnQOfda1o90jn7l_bG_CJGAVDzfsaloDC0J-triuZao4_cDYI3VvjMDc_hkb1UJAL2iQwggmKArPuLPUlx_0i9-NZkSg&pr=13:YeFvZgAAAACeNY3aP9Jet777f4ZwSMOe_nxDFg&cid=CAASBORoxys&rfl=2%2Chttps%253A%252F%252Fwall.alphacoders.com%252Fby_sub_category.php%253Fid%253D289267%2526name%253DShadow%252Bof%252Bthe%252BTomb%252BRaider%252B%2525D0%25259E%2525D0%2525B1%2525D0%2525BE%2525D0%2525B8%2526lang%253DRussian%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Jan 2022 12:35:54 GMT
13340874618512203846
s0.2mdn.net/simgad/ Frame 7376 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13340874618512203846
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFJ8WQGNV2BSGZNihwPVm1U0Gs9X_y7Ff765Ks7LDO18ob2Aw7lBOEgYmvO5NeCxeN4EdiRN0ni75exFuvYpfJ-0TPhzHix1tkMZ-mAmxHERCHCUJkm2DHeAu9-GR06hCDJLJkMvTHp1vbKjMk5lNSn0ap5Q&cry=1&dbm_d=AKAmf-Bi-VnSFbmeKd71gOqUHn9K1J4q43ucgUyKRWup0012ELG4eXOM3gLdor1_tDYFtuDMcEb7S3j34U4dbWWMlPGM1ke-Ftn9q4Vo5SBTKfzi98Hwb_McoNj3rIvsAlrQVnhknQLH578LaCTwP9QF0ionCjl01ftVBVRj-wTefahYYGO62lf1USenQBcY_E7uTWnYzuGm6KvZIwnRien4k58W-iy8h6ubCjJ1BMqEzOKWw3dIaE3jepqmdjbfNZ4Pqymz9dSuT5BJ3Rjw3ziezN0Gz3KP5ivB7Rj0Z0yalhabMG0xV7Ke3lMRCHzG1f9JryrDVpwp5sX5FVdm7Jh1bLQyhm_f9DbPa2WfRnKJUOxsYAokvDNeo_9Wi9XAJy0QF9Fo21TL7vwsuIhqLOs41Rle6KhF33B3livEe75Psh1DKTKJL3s1GWQly1_MnkjWoGghUFl0Xw7wXJ2p0oKsyKa6U0beGjfXRIn93AIIeS0A2MvN9AcT8kKk13fD6E0dm9QYuqd-xpfgAH2fR1wOiSG7oNLhhgKGEuOaljFXP7RKDbNrebN-hzvklbD1DaLxHWQVyZ824tj6EobbwSSS1m-dYslTpe1beMshubih41p4XlNV8HY-hsYISWHtGt9U-s-NtPWgDsooIGe3_WN2F71UOQXLI-jHbYhR-_VBckb9z2obhhT4OMI0X7S7UY1a4FhrA8Jko2FrltsbIo_kljqV6LyIFSnJAj-AtCHbHlHoXFYtq6W-Muqvd8E5O4AmtWcicyM4u1KXTMAK_gXzV6oqA3IBS7dZQoxWOiv238o_WdSRIYWtafAoMXyfzyFS0zzvfkLYKPnmqZCHLDbTNXLUwX2J-6hPmtooJSfMGGiosV2skJV5V-hGlKC57VYU9znI1hQMcSEQue1DOd_wBTjhzdnHwr80JuxVxeHoa6eY_SI8PueNo_PjhwfIClqjPLa0RT7DE04BsdVfhg0GlzPspuW7k-CVvVzGCyxOtxfy5eEyndg30EisFsM911xKSjsFTNLFidb5PgQfvk2SCYo-cK-SHMPiO039iU9zBsEjApMKJ9UEJ-g1NpaXCWld2Me-EM_IrSL893rmyIpfCJThgqTUSp0zEZyTrcRhvwWQ8ZKRl1dKQMmTu0w1EeXBpnRmqQq1HxpPagfUvz2LN2XGoiPL9GFLCvoto-4smXdNlaf27zdiEn7oOBkuwxbiT1XN42mmmDjtiJF4Y98pg-pmxsC5QcPa4oOYeHJGL_q6TaHg5S16HolGwkCg5EZWnbKTVrBv-U2nh3OsSQw48xWENsoeq8ohO7ees9JaxSo6vi5ewlR7NO9H_tPicb8726LEr9ym3hml-mQW9d4PT4fXB6X0cjUDab6TJVk2kXKD1FuYcGbBtrmjYkcq2mnqDTOFKOhDC1wqY_QItSILsmGhiTUFzryFtRFZ-T8g76iHcXob4kl1UOYLuqLisEv6j0n17Ky3-aDafvHNaE99im7TqIP_btIepu85OB8Hdr7UqtcleS0I38M4ZTzhhjM5DtUq8A0E-h5025YCJ-VmJhegSCwAJzpuXHSzjSjbTWrfVbYIYpWjFvVrEKhE13YgcyaRsSJM1QJg-xPqaOSr-GIOnqWLEzaGXOJSB6O8jOxgxL_BbyUZQL3g_WWP9J6wGxfMXZVVTu4NAzeCVDWzmSU5x_tr68VleYAdVYMAk4vbawV2Z-FZyH0Os4D_cUxQuDGcBF82rxS-WWxCFq9Rgza_x9O7OZdjWDq6Xalh15HuO4PhMILXUoPKsQMtHCmY6sSD9RX7Hcfl4KALN51CgsRgPoe6jE58hoEr0VCsL2nrnu53QcJEDTmNTRGaGD-lb82IUJq46YJvHXhhq4Mn5ztXh0i-afdCp7qONpley5xF44NzUtkJOecSH-t9T5f5PhBuqv8EsAxkthDRsF3OrR-jnS7sxYb_sVasZ-0e7H6tslvj8zCW17mvX6vyHI_HBS4UmAdMupOEgynkuDj1VaQ5bm-z5NwpTivqUGyDGJx81irl3N0BqUtF8DT0vb6WqYcD48myQ--lHKH3qiSSnmpIqfEqkf3CWQlTUs9KHZfL2I4nKR_5LRDllWsZUjy_oIqE7iIlC8HSm8cas2JX-Xn-zIA-6gQvYUMNIVm1oW2fkkEQo2Yp0L3kUxOAM-_K7kFChKKuqzUc07sDokQ6o0oNrF2Xy-Co962PThF28jX_kDcHZuRPFcDcmlIw5cw__Xjprc2ra8LaVwf7hezxmTSoDyPGPT5qSpuc4qs9XQ6tSAm4LPVqInrFHkGCjBhOJ5eEEfffVsy3DN1n4lxE5q-MuItavGqNFXPmWco6lE-WMuNgY0WJPblByk9Q7CFq-1SZgAXu9o_JTeP99AP9ewvy7Idooc4K5gxMdPPq1lPV0wbxDylETIpcmQCzTzvSoQN6Nl0zd-Qshu-wjUPNkztm68B7rhkJV4jQ0VcinbaswpAJyftBcvCLEEJo0E-I-mpDQhTyzcSwBiMsQrLok8NVVmGldGOHZ8l57UV_RMOlfj7pzZRYsC6eI6iNDtzSGNb8I_0H2P90bSRfUY6PLSSviQq2Ni2F9Jolk7G3Y9YO20j_f9NmssjTiwL7OPExzZnTXggHTBYEE9iE156S5xpw-YiUAGzV_JqEueH16oLGzGi0zquk0AdsTK5sfrhTFFcHjPFlA30VGCy7pdDYl3xaJt6O9rcTUVhIrQshOGP-Zvre15vomm7GbDSHBevOyVVq8BHxux5fKdewO1uDnoEq12GY3L4Ob9K651wiLdS3syZVqyMEBtpr1Kp3gefeTTcRLU2_qAVqexz5uFi85FW8vfOmh9OMq7CEI74Q06bgSTcjMpD0aV98dp3nv682Mvyz6ofB2EJkTXfPnBVIUMrRjSE50HyRAGtLPa6rddhZsDDR7XL5FK2FOFtmvW2VcRnFc0vUaQz3fyysQRAErRcBuYhV6FoTxYYqY8x9ewVuJBxMMm9lztWOs3vXugQ5k1xnQOfda1o90jn7l_bG_CJGAVDzfsaloDC0J-triuZao4_cDYI3VvjMDc_hkb1UJAL2iQwggmKArPuLPUlx_0i9-NZkSg&pr=13:YeFvZgAAAACeNY3aP9Jet777f4ZwSMOe_nxDFg&cid=CAASBORoxys&rfl=2%2Chttps%253A%252F%252Fwall.alphacoders.com%252Fby_sub_category.php%253Fid%253D289267%2526name%253DShadow%252Bof%252Bthe%252BTomb%252BRaider%252B%2525D0%25259E%2525D0%2525B1%2525D0%2525BE%2525D0%2525B8%2526lang%253DRussian%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4ab5786e88f3d01f800c164dd97a248c6ac48952f103ad0c86aa02cc3a652f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 10:36:15 GMT
x-content-type-options
nosniff
age
439498
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97633
x-xss-protection
0
last-modified
Sun, 02 Jan 2022 06:34:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Jan 2023 10:36:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7376 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFJ8WQGNV2BSGZNihwPVm1U0Gs9X_y7Ff765Ks7LDO18ob2Aw7lBOEgYmvO5NeCxeN4EdiRN0ni75exFuvYpfJ-0TPhzHix1tkMZ-mAmxHERCHCUJkm2DHeAu9-GR06hCDJLJkMvTHp1vbKjMk5lNSn0ap5Q&cry=1&dbm_d=AKAmf-Bi-VnSFbmeKd71gOqUHn9K1J4q43ucgUyKRWup0012ELG4eXOM3gLdor1_tDYFtuDMcEb7S3j34U4dbWWMlPGM1ke-Ftn9q4Vo5SBTKfzi98Hwb_McoNj3rIvsAlrQVnhknQLH578LaCTwP9QF0ionCjl01ftVBVRj-wTefahYYGO62lf1USenQBcY_E7uTWnYzuGm6KvZIwnRien4k58W-iy8h6ubCjJ1BMqEzOKWw3dIaE3jepqmdjbfNZ4Pqymz9dSuT5BJ3Rjw3ziezN0Gz3KP5ivB7Rj0Z0yalhabMG0xV7Ke3lMRCHzG1f9JryrDVpwp5sX5FVdm7Jh1bLQyhm_f9DbPa2WfRnKJUOxsYAokvDNeo_9Wi9XAJy0QF9Fo21TL7vwsuIhqLOs41Rle6KhF33B3livEe75Psh1DKTKJL3s1GWQly1_MnkjWoGghUFl0Xw7wXJ2p0oKsyKa6U0beGjfXRIn93AIIeS0A2MvN9AcT8kKk13fD6E0dm9QYuqd-xpfgAH2fR1wOiSG7oNLhhgKGEuOaljFXP7RKDbNrebN-hzvklbD1DaLxHWQVyZ824tj6EobbwSSS1m-dYslTpe1beMshubih41p4XlNV8HY-hsYISWHtGt9U-s-NtPWgDsooIGe3_WN2F71UOQXLI-jHbYhR-_VBckb9z2obhhT4OMI0X7S7UY1a4FhrA8Jko2FrltsbIo_kljqV6LyIFSnJAj-AtCHbHlHoXFYtq6W-Muqvd8E5O4AmtWcicyM4u1KXTMAK_gXzV6oqA3IBS7dZQoxWOiv238o_WdSRIYWtafAoMXyfzyFS0zzvfkLYKPnmqZCHLDbTNXLUwX2J-6hPmtooJSfMGGiosV2skJV5V-hGlKC57VYU9znI1hQMcSEQue1DOd_wBTjhzdnHwr80JuxVxeHoa6eY_SI8PueNo_PjhwfIClqjPLa0RT7DE04BsdVfhg0GlzPspuW7k-CVvVzGCyxOtxfy5eEyndg30EisFsM911xKSjsFTNLFidb5PgQfvk2SCYo-cK-SHMPiO039iU9zBsEjApMKJ9UEJ-g1NpaXCWld2Me-EM_IrSL893rmyIpfCJThgqTUSp0zEZyTrcRhvwWQ8ZKRl1dKQMmTu0w1EeXBpnRmqQq1HxpPagfUvz2LN2XGoiPL9GFLCvoto-4smXdNlaf27zdiEn7oOBkuwxbiT1XN42mmmDjtiJF4Y98pg-pmxsC5QcPa4oOYeHJGL_q6TaHg5S16HolGwkCg5EZWnbKTVrBv-U2nh3OsSQw48xWENsoeq8ohO7ees9JaxSo6vi5ewlR7NO9H_tPicb8726LEr9ym3hml-mQW9d4PT4fXB6X0cjUDab6TJVk2kXKD1FuYcGbBtrmjYkcq2mnqDTOFKOhDC1wqY_QItSILsmGhiTUFzryFtRFZ-T8g76iHcXob4kl1UOYLuqLisEv6j0n17Ky3-aDafvHNaE99im7TqIP_btIepu85OB8Hdr7UqtcleS0I38M4ZTzhhjM5DtUq8A0E-h5025YCJ-VmJhegSCwAJzpuXHSzjSjbTWrfVbYIYpWjFvVrEKhE13YgcyaRsSJM1QJg-xPqaOSr-GIOnqWLEzaGXOJSB6O8jOxgxL_BbyUZQL3g_WWP9J6wGxfMXZVVTu4NAzeCVDWzmSU5x_tr68VleYAdVYMAk4vbawV2Z-FZyH0Os4D_cUxQuDGcBF82rxS-WWxCFq9Rgza_x9O7OZdjWDq6Xalh15HuO4PhMILXUoPKsQMtHCmY6sSD9RX7Hcfl4KALN51CgsRgPoe6jE58hoEr0VCsL2nrnu53QcJEDTmNTRGaGD-lb82IUJq46YJvHXhhq4Mn5ztXh0i-afdCp7qONpley5xF44NzUtkJOecSH-t9T5f5PhBuqv8EsAxkthDRsF3OrR-jnS7sxYb_sVasZ-0e7H6tslvj8zCW17mvX6vyHI_HBS4UmAdMupOEgynkuDj1VaQ5bm-z5NwpTivqUGyDGJx81irl3N0BqUtF8DT0vb6WqYcD48myQ--lHKH3qiSSnmpIqfEqkf3CWQlTUs9KHZfL2I4nKR_5LRDllWsZUjy_oIqE7iIlC8HSm8cas2JX-Xn-zIA-6gQvYUMNIVm1oW2fkkEQo2Yp0L3kUxOAM-_K7kFChKKuqzUc07sDokQ6o0oNrF2Xy-Co962PThF28jX_kDcHZuRPFcDcmlIw5cw__Xjprc2ra8LaVwf7hezxmTSoDyPGPT5qSpuc4qs9XQ6tSAm4LPVqInrFHkGCjBhOJ5eEEfffVsy3DN1n4lxE5q-MuItavGqNFXPmWco6lE-WMuNgY0WJPblByk9Q7CFq-1SZgAXu9o_JTeP99AP9ewvy7Idooc4K5gxMdPPq1lPV0wbxDylETIpcmQCzTzvSoQN6Nl0zd-Qshu-wjUPNkztm68B7rhkJV4jQ0VcinbaswpAJyftBcvCLEEJo0E-I-mpDQhTyzcSwBiMsQrLok8NVVmGldGOHZ8l57UV_RMOlfj7pzZRYsC6eI6iNDtzSGNb8I_0H2P90bSRfUY6PLSSviQq2Ni2F9Jolk7G3Y9YO20j_f9NmssjTiwL7OPExzZnTXggHTBYEE9iE156S5xpw-YiUAGzV_JqEueH16oLGzGi0zquk0AdsTK5sfrhTFFcHjPFlA30VGCy7pdDYl3xaJt6O9rcTUVhIrQshOGP-Zvre15vomm7GbDSHBevOyVVq8BHxux5fKdewO1uDnoEq12GY3L4Ob9K651wiLdS3syZVqyMEBtpr1Kp3gefeTTcRLU2_qAVqexz5uFi85FW8vfOmh9OMq7CEI74Q06bgSTcjMpD0aV98dp3nv682Mvyz6ofB2EJkTXfPnBVIUMrRjSE50HyRAGtLPa6rddhZsDDR7XL5FK2FOFtmvW2VcRnFc0vUaQz3fyysQRAErRcBuYhV6FoTxYYqY8x9ewVuJBxMMm9lztWOs3vXugQ5k1xnQOfda1o90jn7l_bG_CJGAVDzfsaloDC0J-triuZao4_cDYI3VvjMDc_hkb1UJAL2iQwggmKArPuLPUlx_0i9-NZkSg&pr=13:YeFvZgAAAACeNY3aP9Jet777f4ZwSMOe_nxDFg&cid=CAASBORoxys&rfl=2%2Chttps%253A%252F%252Fwall.alphacoders.com%252Fby_sub_category.php%253Fid%253D289267%2526name%253DShadow%252Bof%252Bthe%252BTomb%252BRaider%252B%2525D0%25259E%2525D0%2525B1%2525D0%2525BE%2525D0%2525B8%2526lang%253DRussian%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Jan 2022 12:41:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame 7376 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFJ8WQGNV2BSGZNihwPVm1U0Gs9X_y7Ff765Ks7LDO18ob2Aw7lBOEgYmvO5NeCxeN4EdiRN0ni75exFuvYpfJ-0TPhzHix1tkMZ-mAmxHERCHCUJkm2DHeAu9-GR06hCDJLJkMvTHp1vbKjMk5lNSn0ap5Q&cry=1&dbm_d=AKAmf-Bi-VnSFbmeKd71gOqUHn9K1J4q43ucgUyKRWup0012ELG4eXOM3gLdor1_tDYFtuDMcEb7S3j34U4dbWWMlPGM1ke-Ftn9q4Vo5SBTKfzi98Hwb_McoNj3rIvsAlrQVnhknQLH578LaCTwP9QF0ionCjl01ftVBVRj-wTefahYYGO62lf1USenQBcY_E7uTWnYzuGm6KvZIwnRien4k58W-iy8h6ubCjJ1BMqEzOKWw3dIaE3jepqmdjbfNZ4Pqymz9dSuT5BJ3Rjw3ziezN0Gz3KP5ivB7Rj0Z0yalhabMG0xV7Ke3lMRCHzG1f9JryrDVpwp5sX5FVdm7Jh1bLQyhm_f9DbPa2WfRnKJUOxsYAokvDNeo_9Wi9XAJy0QF9Fo21TL7vwsuIhqLOs41Rle6KhF33B3livEe75Psh1DKTKJL3s1GWQly1_MnkjWoGghUFl0Xw7wXJ2p0oKsyKa6U0beGjfXRIn93AIIeS0A2MvN9AcT8kKk13fD6E0dm9QYuqd-xpfgAH2fR1wOiSG7oNLhhgKGEuOaljFXP7RKDbNrebN-hzvklbD1DaLxHWQVyZ824tj6EobbwSSS1m-dYslTpe1beMshubih41p4XlNV8HY-hsYISWHtGt9U-s-NtPWgDsooIGe3_WN2F71UOQXLI-jHbYhR-_VBckb9z2obhhT4OMI0X7S7UY1a4FhrA8Jko2FrltsbIo_kljqV6LyIFSnJAj-AtCHbHlHoXFYtq6W-Muqvd8E5O4AmtWcicyM4u1KXTMAK_gXzV6oqA3IBS7dZQoxWOiv238o_WdSRIYWtafAoMXyfzyFS0zzvfkLYKPnmqZCHLDbTNXLUwX2J-6hPmtooJSfMGGiosV2skJV5V-hGlKC57VYU9znI1hQMcSEQue1DOd_wBTjhzdnHwr80JuxVxeHoa6eY_SI8PueNo_PjhwfIClqjPLa0RT7DE04BsdVfhg0GlzPspuW7k-CVvVzGCyxOtxfy5eEyndg30EisFsM911xKSjsFTNLFidb5PgQfvk2SCYo-cK-SHMPiO039iU9zBsEjApMKJ9UEJ-g1NpaXCWld2Me-EM_IrSL893rmyIpfCJThgqTUSp0zEZyTrcRhvwWQ8ZKRl1dKQMmTu0w1EeXBpnRmqQq1HxpPagfUvz2LN2XGoiPL9GFLCvoto-4smXdNlaf27zdiEn7oOBkuwxbiT1XN42mmmDjtiJF4Y98pg-pmxsC5QcPa4oOYeHJGL_q6TaHg5S16HolGwkCg5EZWnbKTVrBv-U2nh3OsSQw48xWENsoeq8ohO7ees9JaxSo6vi5ewlR7NO9H_tPicb8726LEr9ym3hml-mQW9d4PT4fXB6X0cjUDab6TJVk2kXKD1FuYcGbBtrmjYkcq2mnqDTOFKOhDC1wqY_QItSILsmGhiTUFzryFtRFZ-T8g76iHcXob4kl1UOYLuqLisEv6j0n17Ky3-aDafvHNaE99im7TqIP_btIepu85OB8Hdr7UqtcleS0I38M4ZTzhhjM5DtUq8A0E-h5025YCJ-VmJhegSCwAJzpuXHSzjSjbTWrfVbYIYpWjFvVrEKhE13YgcyaRsSJM1QJg-xPqaOSr-GIOnqWLEzaGXOJSB6O8jOxgxL_BbyUZQL3g_WWP9J6wGxfMXZVVTu4NAzeCVDWzmSU5x_tr68VleYAdVYMAk4vbawV2Z-FZyH0Os4D_cUxQuDGcBF82rxS-WWxCFq9Rgza_x9O7OZdjWDq6Xalh15HuO4PhMILXUoPKsQMtHCmY6sSD9RX7Hcfl4KALN51CgsRgPoe6jE58hoEr0VCsL2nrnu53QcJEDTmNTRGaGD-lb82IUJq46YJvHXhhq4Mn5ztXh0i-afdCp7qONpley5xF44NzUtkJOecSH-t9T5f5PhBuqv8EsAxkthDRsF3OrR-jnS7sxYb_sVasZ-0e7H6tslvj8zCW17mvX6vyHI_HBS4UmAdMupOEgynkuDj1VaQ5bm-z5NwpTivqUGyDGJx81irl3N0BqUtF8DT0vb6WqYcD48myQ--lHKH3qiSSnmpIqfEqkf3CWQlTUs9KHZfL2I4nKR_5LRDllWsZUjy_oIqE7iIlC8HSm8cas2JX-Xn-zIA-6gQvYUMNIVm1oW2fkkEQo2Yp0L3kUxOAM-_K7kFChKKuqzUc07sDokQ6o0oNrF2Xy-Co962PThF28jX_kDcHZuRPFcDcmlIw5cw__Xjprc2ra8LaVwf7hezxmTSoDyPGPT5qSpuc4qs9XQ6tSAm4LPVqInrFHkGCjBhOJ5eEEfffVsy3DN1n4lxE5q-MuItavGqNFXPmWco6lE-WMuNgY0WJPblByk9Q7CFq-1SZgAXu9o_JTeP99AP9ewvy7Idooc4K5gxMdPPq1lPV0wbxDylETIpcmQCzTzvSoQN6Nl0zd-Qshu-wjUPNkztm68B7rhkJV4jQ0VcinbaswpAJyftBcvCLEEJo0E-I-mpDQhTyzcSwBiMsQrLok8NVVmGldGOHZ8l57UV_RMOlfj7pzZRYsC6eI6iNDtzSGNb8I_0H2P90bSRfUY6PLSSviQq2Ni2F9Jolk7G3Y9YO20j_f9NmssjTiwL7OPExzZnTXggHTBYEE9iE156S5xpw-YiUAGzV_JqEueH16oLGzGi0zquk0AdsTK5sfrhTFFcHjPFlA30VGCy7pdDYl3xaJt6O9rcTUVhIrQshOGP-Zvre15vomm7GbDSHBevOyVVq8BHxux5fKdewO1uDnoEq12GY3L4Ob9K651wiLdS3syZVqyMEBtpr1Kp3gefeTTcRLU2_qAVqexz5uFi85FW8vfOmh9OMq7CEI74Q06bgSTcjMpD0aV98dp3nv682Mvyz6ofB2EJkTXfPnBVIUMrRjSE50HyRAGtLPa6rddhZsDDR7XL5FK2FOFtmvW2VcRnFc0vUaQz3fyysQRAErRcBuYhV6FoTxYYqY8x9ewVuJBxMMm9lztWOs3vXugQ5k1xnQOfda1o90jn7l_bG_CJGAVDzfsaloDC0J-triuZao4_cDYI3VvjMDc_hkb1UJAL2iQwggmKArPuLPUlx_0i9-NZkSg&pr=13:YeFvZgAAAACeNY3aP9Jet777f4ZwSMOe_nxDFg&cid=CAASBORoxys&rfl=2%2Chttps%253A%252F%252Fwall.alphacoders.com%252Fby_sub_category.php%253Fid%253D289267%2526name%253DShadow%252Bof%252Bthe%252BTomb%252BRaider%252B%2525D0%25259E%2525D0%2525B1%2525D0%2525BE%2525D0%2525B8%2526lang%253DRussian%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Jan 2022 12:33:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7376 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfeCYjf_W3NckYoVYLVvsld6N26IB-MbLKIpJ94eYPaRPozuiI1LCITNDWZcxFFooNcZh9Y09Ci8yil9sgYOqFvhNbIlaneInSO9669tTxbz1aKCYWNmiSBlk8fUlyFI1-HgxaltgiZtaz4m4Cj1gTqKh32pElwlajKsR8snCr3bLcD04u7zqPnRGH3OkPz1KiFR30L-THBtfCOVtBSu69ozpar9OBKSA6kq6TfyVP6gYLqw2lbLOtEA9JhoBNeIVz0OMWMeWVVYI8Rkr6n2Mi0O58Re2UX-azGR-7XyyGy-ywzFOKV-61DBFoETHoi-oCjW5e8x9VDPMZJjVZmOTdogBN7qg8_yRwgQrNzomSYea347-3jK7nLQChTDznc21-KX7jbX2N5BzNJuxKrt_Pw_cONQvg1HOgTN1Qv55XQ0Q_ba8ZrEN8HqokuiQCoKorcflmHAneJgukCjNGtt6Tw0BqYZM7WPJYd2MVXTol8aZ4GrizHe7DDYaz0nHYqgVeOLl-HidHy_CxxV7c6OA7u_CnESYXBZfo_cKmsk7NQtTUnKirrnt3xYEe2J-fDHptUytB3lbgHCFBD74XY2Soa1N0cVNqs03LAJCt35FKVKBNCAYNULJqj0F_O-f1hPR2og2oKbTLE_ltwF-nfFMbb7XS5OfvA_zGP2scrNnN5lhnos5TtET4pBhAgN3bH3RzAMwcNHqQwhlr2AMgW3Jx-vl2ssylz3HHJTTGRE1JcwwfGnFFiiYzVFy6_EXFS6Z18P-yzB5qX0-iBfHr2N1vV9lVPdFAl_8DLJklOEFYKDDO9lWxNnxkmgMGE-15h4dMwo56P8UdV802bkYea10Uuj4p0n54RuGL0KMZdnHYjWiVHztXe-5fXi3TTZ1ORbnJdWCwPYHOFdt02Fm_Mkt2Syq4fTDr0yg0tv1B2szogkkzB2E3t_wyqHPQSflfmH8FrrS5Bc-jB8b3kR8Vbr76DFpfEvVd7jb0klsNXtCuFgef9esRgMTWMlyvj2IdBgr4-QMnk85N-AbVR_PLRf0kH8CoFUtlVnU5PdtCYacMVO_nHctyIiBwvpoRY7tip_jSssFsw8gn_U8radk&sai=AMfl-YSSgpnZ_3eA8CCTpY23l60V2wU4ycqSvxtlamN2uKQC3_JjvQDpgFxH8qr5iOKmRHzdNhfObq-t-CEAYufWgzaYq9BQ-yqsML46q40_sD6vtt0OkYR8RCdjBwKFTNKUH83h&sig=Cg0ArKJSzCHvp3AUh2-6EAE&uach_m=[UACH]&pr=13:YeFvZgAAAACeNY3aP9Jet777f4ZwSMOe_nxDFg&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220112.72808&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFJ8WQGNV2BSGZNihwPVm1U0Gs9X_y7Ff765Ks7LDO18ob2Aw7lBOEgYmvO5NeCxeN4EdiRN0ni75exFuvYpfJ-0TPhzHix1tkMZ-mAmxHERCHCUJkm2DHeAu9-GR06hCDJLJkMvTHp1vbKjMk5lNSn0ap5Q&cry=1&dbm_d=AKAmf-Bi-VnSFbmeKd71gOqUHn9K1J4q43ucgUyKRWup0012ELG4eXOM3gLdor1_tDYFtuDMcEb7S3j34U4dbWWMlPGM1ke-Ftn9q4Vo5SBTKfzi98Hwb_McoNj3rIvsAlrQVnhknQLH578LaCTwP9QF0ionCjl01ftVBVRj-wTefahYYGO62lf1USenQBcY_E7uTWnYzuGm6KvZIwnRien4k58W-iy8h6ubCjJ1BMqEzOKWw3dIaE3jepqmdjbfNZ4Pqymz9dSuT5BJ3Rjw3ziezN0Gz3KP5ivB7Rj0Z0yalhabMG0xV7Ke3lMRCHzG1f9JryrDVpwp5sX5FVdm7Jh1bLQyhm_f9DbPa2WfRnKJUOxsYAokvDNeo_9Wi9XAJy0QF9Fo21TL7vwsuIhqLOs41Rle6KhF33B3livEe75Psh1DKTKJL3s1GWQly1_MnkjWoGghUFl0Xw7wXJ2p0oKsyKa6U0beGjfXRIn93AIIeS0A2MvN9AcT8kKk13fD6E0dm9QYuqd-xpfgAH2fR1wOiSG7oNLhhgKGEuOaljFXP7RKDbNrebN-hzvklbD1DaLxHWQVyZ824tj6EobbwSSS1m-dYslTpe1beMshubih41p4XlNV8HY-hsYISWHtGt9U-s-NtPWgDsooIGe3_WN2F71UOQXLI-jHbYhR-_VBckb9z2obhhT4OMI0X7S7UY1a4FhrA8Jko2FrltsbIo_kljqV6LyIFSnJAj-AtCHbHlHoXFYtq6W-Muqvd8E5O4AmtWcicyM4u1KXTMAK_gXzV6oqA3IBS7dZQoxWOiv238o_WdSRIYWtafAoMXyfzyFS0zzvfkLYKPnmqZCHLDbTNXLUwX2J-6hPmtooJSfMGGiosV2skJV5V-hGlKC57VYU9znI1hQMcSEQue1DOd_wBTjhzdnHwr80JuxVxeHoa6eY_SI8PueNo_PjhwfIClqjPLa0RT7DE04BsdVfhg0GlzPspuW7k-CVvVzGCyxOtxfy5eEyndg30EisFsM911xKSjsFTNLFidb5PgQfvk2SCYo-cK-SHMPiO039iU9zBsEjApMKJ9UEJ-g1NpaXCWld2Me-EM_IrSL893rmyIpfCJThgqTUSp0zEZyTrcRhvwWQ8ZKRl1dKQMmTu0w1EeXBpnRmqQq1HxpPagfUvz2LN2XGoiPL9GFLCvoto-4smXdNlaf27zdiEn7oOBkuwxbiT1XN42mmmDjtiJF4Y98pg-pmxsC5QcPa4oOYeHJGL_q6TaHg5S16HolGwkCg5EZWnbKTVrBv-U2nh3OsSQw48xWENsoeq8ohO7ees9JaxSo6vi5ewlR7NO9H_tPicb8726LEr9ym3hml-mQW9d4PT4fXB6X0cjUDab6TJVk2kXKD1FuYcGbBtrmjYkcq2mnqDTOFKOhDC1wqY_QItSILsmGhiTUFzryFtRFZ-T8g76iHcXob4kl1UOYLuqLisEv6j0n17Ky3-aDafvHNaE99im7TqIP_btIepu85OB8Hdr7UqtcleS0I38M4ZTzhhjM5DtUq8A0E-h5025YCJ-VmJhegSCwAJzpuXHSzjSjbTWrfVbYIYpWjFvVrEKhE13YgcyaRsSJM1QJg-xPqaOSr-GIOnqWLEzaGXOJSB6O8jOxgxL_BbyUZQL3g_WWP9J6wGxfMXZVVTu4NAzeCVDWzmSU5x_tr68VleYAdVYMAk4vbawV2Z-FZyH0Os4D_cUxQuDGcBF82rxS-WWxCFq9Rgza_x9O7OZdjWDq6Xalh15HuO4PhMILXUoPKsQMtHCmY6sSD9RX7Hcfl4KALN51CgsRgPoe6jE58hoEr0VCsL2nrnu53QcJEDTmNTRGaGD-lb82IUJq46YJvHXhhq4Mn5ztXh0i-afdCp7qONpley5xF44NzUtkJOecSH-t9T5f5PhBuqv8EsAxkthDRsF3OrR-jnS7sxYb_sVasZ-0e7H6tslvj8zCW17mvX6vyHI_HBS4UmAdMupOEgynkuDj1VaQ5bm-z5NwpTivqUGyDGJx81irl3N0BqUtF8DT0vb6WqYcD48myQ--lHKH3qiSSnmpIqfEqkf3CWQlTUs9KHZfL2I4nKR_5LRDllWsZUjy_oIqE7iIlC8HSm8cas2JX-Xn-zIA-6gQvYUMNIVm1oW2fkkEQo2Yp0L3kUxOAM-_K7kFChKKuqzUc07sDokQ6o0oNrF2Xy-Co962PThF28jX_kDcHZuRPFcDcmlIw5cw__Xjprc2ra8LaVwf7hezxmTSoDyPGPT5qSpuc4qs9XQ6tSAm4LPVqInrFHkGCjBhOJ5eEEfffVsy3DN1n4lxE5q-MuItavGqNFXPmWco6lE-WMuNgY0WJPblByk9Q7CFq-1SZgAXu9o_JTeP99AP9ewvy7Idooc4K5gxMdPPq1lPV0wbxDylETIpcmQCzTzvSoQN6Nl0zd-Qshu-wjUPNkztm68B7rhkJV4jQ0VcinbaswpAJyftBcvCLEEJo0E-I-mpDQhTyzcSwBiMsQrLok8NVVmGldGOHZ8l57UV_RMOlfj7pzZRYsC6eI6iNDtzSGNb8I_0H2P90bSRfUY6PLSSviQq2Ni2F9Jolk7G3Y9YO20j_f9NmssjTiwL7OPExzZnTXggHTBYEE9iE156S5xpw-YiUAGzV_JqEueH16oLGzGi0zquk0AdsTK5sfrhTFFcHjPFlA30VGCy7pdDYl3xaJt6O9rcTUVhIrQshOGP-Zvre15vomm7GbDSHBevOyVVq8BHxux5fKdewO1uDnoEq12GY3L4Ob9K651wiLdS3syZVqyMEBtpr1Kp3gefeTTcRLU2_qAVqexz5uFi85FW8vfOmh9OMq7CEI74Q06bgSTcjMpD0aV98dp3nv682Mvyz6ofB2EJkTXfPnBVIUMrRjSE50HyRAGtLPa6rddhZsDDR7XL5FK2FOFtmvW2VcRnFc0vUaQz3fyysQRAErRcBuYhV6FoTxYYqY8x9ewVuJBxMMm9lztWOs3vXugQ5k1xnQOfda1o90jn7l_bG_CJGAVDzfsaloDC0J-triuZao4_cDYI3VvjMDc_hkb1UJAL2iQwggmKArPuLPUlx_0i9-NZkSg&pr=13:YeFvZgAAAACeNY3aP9Jet777f4ZwSMOe_nxDFg&cid=CAASBORoxys&rfl=2%2Chttps%253A%252F%252Fwall.alphacoders.com%252Fby_sub_category.php%253Fid%253D289267%2526name%253DShadow%252Bof%252Bthe%252BTomb%252BRaider%252B%2525D0%25259E%2525D0%2525B1%2525D0%2525BE%2525D0%2525B8%2526lang%253DRussian%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 14 Jan 2022 12:41:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7376 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFJ8WQGNV2BSGZNihwPVm1U0Gs9X_y7Ff765Ks7LDO18ob2Aw7lBOEgYmvO5NeCxeN4EdiRN0ni75exFuvYpfJ-0TPhzHix1tkMZ-mAmxHERCHCUJkm2DHeAu9-GR06hCDJLJkMvTHp1vbKjMk5lNSn0ap5Q&cry=1&dbm_d=AKAmf-Bi-VnSFbmeKd71gOqUHn9K1J4q43ucgUyKRWup0012ELG4eXOM3gLdor1_tDYFtuDMcEb7S3j34U4dbWWMlPGM1ke-Ftn9q4Vo5SBTKfzi98Hwb_McoNj3rIvsAlrQVnhknQLH578LaCTwP9QF0ionCjl01ftVBVRj-wTefahYYGO62lf1USenQBcY_E7uTWnYzuGm6KvZIwnRien4k58W-iy8h6ubCjJ1BMqEzOKWw3dIaE3jepqmdjbfNZ4Pqymz9dSuT5BJ3Rjw3ziezN0Gz3KP5ivB7Rj0Z0yalhabMG0xV7Ke3lMRCHzG1f9JryrDVpwp5sX5FVdm7Jh1bLQyhm_f9DbPa2WfRnKJUOxsYAokvDNeo_9Wi9XAJy0QF9Fo21TL7vwsuIhqLOs41Rle6KhF33B3livEe75Psh1DKTKJL3s1GWQly1_MnkjWoGghUFl0Xw7wXJ2p0oKsyKa6U0beGjfXRIn93AIIeS0A2MvN9AcT8kKk13fD6E0dm9QYuqd-xpfgAH2fR1wOiSG7oNLhhgKGEuOaljFXP7RKDbNrebN-hzvklbD1DaLxHWQVyZ824tj6EobbwSSS1m-dYslTpe1beMshubih41p4XlNV8HY-hsYISWHtGt9U-s-NtPWgDsooIGe3_WN2F71UOQXLI-jHbYhR-_VBckb9z2obhhT4OMI0X7S7UY1a4FhrA8Jko2FrltsbIo_kljqV6LyIFSnJAj-AtCHbHlHoXFYtq6W-Muqvd8E5O4AmtWcicyM4u1KXTMAK_gXzV6oqA3IBS7dZQoxWOiv238o_WdSRIYWtafAoMXyfzyFS0zzvfkLYKPnmqZCHLDbTNXLUwX2J-6hPmtooJSfMGGiosV2skJV5V-hGlKC57VYU9znI1hQMcSEQue1DOd_wBTjhzdnHwr80JuxVxeHoa6eY_SI8PueNo_PjhwfIClqjPLa0RT7DE04BsdVfhg0GlzPspuW7k-CVvVzGCyxOtxfy5eEyndg30EisFsM911xKSjsFTNLFidb5PgQfvk2SCYo-cK-SHMPiO039iU9zBsEjApMKJ9UEJ-g1NpaXCWld2Me-EM_IrSL893rmyIpfCJThgqTUSp0zEZyTrcRhvwWQ8ZKRl1dKQMmTu0w1EeXBpnRmqQq1HxpPagfUvz2LN2XGoiPL9GFLCvoto-4smXdNlaf27zdiEn7oOBkuwxbiT1XN42mmmDjtiJF4Y98pg-pmxsC5QcPa4oOYeHJGL_q6TaHg5S16HolGwkCg5EZWnbKTVrBv-U2nh3OsSQw48xWENsoeq8ohO7ees9JaxSo6vi5ewlR7NO9H_tPicb8726LEr9ym3hml-mQW9d4PT4fXB6X0cjUDab6TJVk2kXKD1FuYcGbBtrmjYkcq2mnqDTOFKOhDC1wqY_QItSILsmGhiTUFzryFtRFZ-T8g76iHcXob4kl1UOYLuqLisEv6j0n17Ky3-aDafvHNaE99im7TqIP_btIepu85OB8Hdr7UqtcleS0I38M4ZTzhhjM5DtUq8A0E-h5025YCJ-VmJhegSCwAJzpuXHSzjSjbTWrfVbYIYpWjFvVrEKhE13YgcyaRsSJM1QJg-xPqaOSr-GIOnqWLEzaGXOJSB6O8jOxgxL_BbyUZQL3g_WWP9J6wGxfMXZVVTu4NAzeCVDWzmSU5x_tr68VleYAdVYMAk4vbawV2Z-FZyH0Os4D_cUxQuDGcBF82rxS-WWxCFq9Rgza_x9O7OZdjWDq6Xalh15HuO4PhMILXUoPKsQMtHCmY6sSD9RX7Hcfl4KALN51CgsRgPoe6jE58hoEr0VCsL2nrnu53QcJEDTmNTRGaGD-lb82IUJq46YJvHXhhq4Mn5ztXh0i-afdCp7qONpley5xF44NzUtkJOecSH-t9T5f5PhBuqv8EsAxkthDRsF3OrR-jnS7sxYb_sVasZ-0e7H6tslvj8zCW17mvX6vyHI_HBS4UmAdMupOEgynkuDj1VaQ5bm-z5NwpTivqUGyDGJx81irl3N0BqUtF8DT0vb6WqYcD48myQ--lHKH3qiSSnmpIqfEqkf3CWQlTUs9KHZfL2I4nKR_5LRDllWsZUjy_oIqE7iIlC8HSm8cas2JX-Xn-zIA-6gQvYUMNIVm1oW2fkkEQo2Yp0L3kUxOAM-_K7kFChKKuqzUc07sDokQ6o0oNrF2Xy-Co962PThF28jX_kDcHZuRPFcDcmlIw5cw__Xjprc2ra8LaVwf7hezxmTSoDyPGPT5qSpuc4qs9XQ6tSAm4LPVqInrFHkGCjBhOJ5eEEfffVsy3DN1n4lxE5q-MuItavGqNFXPmWco6lE-WMuNgY0WJPblByk9Q7CFq-1SZgAXu9o_JTeP99AP9ewvy7Idooc4K5gxMdPPq1lPV0wbxDylETIpcmQCzTzvSoQN6Nl0zd-Qshu-wjUPNkztm68B7rhkJV4jQ0VcinbaswpAJyftBcvCLEEJo0E-I-mpDQhTyzcSwBiMsQrLok8NVVmGldGOHZ8l57UV_RMOlfj7pzZRYsC6eI6iNDtzSGNb8I_0H2P90bSRfUY6PLSSviQq2Ni2F9Jolk7G3Y9YO20j_f9NmssjTiwL7OPExzZnTXggHTBYEE9iE156S5xpw-YiUAGzV_JqEueH16oLGzGi0zquk0AdsTK5sfrhTFFcHjPFlA30VGCy7pdDYl3xaJt6O9rcTUVhIrQshOGP-Zvre15vomm7GbDSHBevOyVVq8BHxux5fKdewO1uDnoEq12GY3L4Ob9K651wiLdS3syZVqyMEBtpr1Kp3gefeTTcRLU2_qAVqexz5uFi85FW8vfOmh9OMq7CEI74Q06bgSTcjMpD0aV98dp3nv682Mvyz6ofB2EJkTXfPnBVIUMrRjSE50HyRAGtLPa6rddhZsDDR7XL5FK2FOFtmvW2VcRnFc0vUaQz3fyysQRAErRcBuYhV6FoTxYYqY8x9ewVuJBxMMm9lztWOs3vXugQ5k1xnQOfda1o90jn7l_bG_CJGAVDzfsaloDC0J-triuZao4_cDYI3VvjMDc_hkb1UJAL2iQwggmKArPuLPUlx_0i9-NZkSg&pr=13:YeFvZgAAAACeNY3aP9Jet777f4ZwSMOe_nxDFg&cid=CAASBORoxys&rfl=2%2Chttps%253A%252F%252Fwall.alphacoders.com%252Fby_sub_category.php%253Fid%253D289267%2526name%253DShadow%252Bof%252Bthe%252BTomb%252BRaider%252B%2525D0%25259E%2525D0%2525B1%2525D0%2525BE%2525D0%2525B8%2526lang%253DRussian%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 06:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23142
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Jan 2023 06:15:31 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FD7D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 14 Jan 2022 06:15:31 GMT
expires
Sat, 14 Jan 2023 06:15:31 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
23142
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame FD7D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 02:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
208682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 02:43:11 GMT
j.ad
s.tribalfusion.com/ Frame B459 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=10806271254&tagKey=3171182075&loaderVer=0.1&site=alphacoderscom&adSpace=ros2&center=1&env=display&size=970x250&busted=1&url=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&f=1&p=3993840&tKey=asmneMXF37UtFQnPMCmcvqNqroR70fsK&a=1&adContainerId=richmedia_2&rnd=3995891
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/AlphaCoderscom/ROS2/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9713885add2a6af282cefed2ef87cd372ea798791aff8a17e8aa206b5d0a72ea

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3077
pragma
no-cache
x-function
101
server
cloudflare
x-reuse-index
2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
6cd6eff48bfdca53-YUL
expires
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7376 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfeCYjf_W3NckYoVYLVvsld6N26IB-MbLKIpJ94eYPaRPozuiI1LCITNDWZcxFFooNcZh9Y09Ci8yil9sgYOqFvhNbIlaneInSO9669tTxbz1aKCYWNmiSBlk8fUlyFI1-HgxaltgiZtaz4m4Cj1gTqKh32pElwlajKsR8snCr3bLcD04u7zqPnRGH3OkPz1KiFR30L-THBtfCOVtBSu69ozpar9OBKSA6kq6TfyVP6gYLqw2lbLOtEA9JhoBNeIVz0OMWMeWVVYI8Rkr6n2Mi0O58Re2UX-azGR-7XyyGy-ywzFOKV-61DBFoETHoi-oCjW5e8x9VDPMZJjVZmOTdogBN7qg8_yRwgQrNzomSYea347-3jK7nLQChTDznc21-KX7jbX2N5BzNJuxKrt_Pw_cONQvg1HOgTN1Qv55XQ0Q_ba8ZrEN8HqokuiQCoKorcflmHAneJgukCjNGtt6Tw0BqYZM7WPJYd2MVXTol8aZ4GrizHe7DDYaz0nHYqgVeOLl-HidHy_CxxV7c6OA7u_CnESYXBZfo_cKmsk7NQtTUnKirrnt3xYEe2J-fDHptUytB3lbgHCFBD74XY2Soa1N0cVNqs03LAJCt35FKVKBNCAYNULJqj0F_O-f1hPR2og2oKbTLE_ltwF-nfFMbb7XS5OfvA_zGP2scrNnN5lhnos5TtET4pBhAgN3bH3RzAMwcNHqQwhlr2AMgW3Jx-vl2ssylz3HHJTTGRE1JcwwfGnFFiiYzVFy6_EXFS6Z18P-yzB5qX0-iBfHr2N1vV9lVPdFAl_8DLJklOEFYKDDO9lWxNnxkmgMGE-15h4dMwo56P8UdV802bkYea10Uuj4p0n54RuGL0KMZdnHYjWiVHztXe-5fXi3TTZ1ORbnJdWCwPYHOFdt02Fm_Mkt2Syq4fTDr0yg0tv1B2szogkkzB2E3t_wyqHPQSflfmH8FrrS5Bc-jB8b3kR8Vbr76DFpfEvVd7jb0klsNXtCuFgef9esRgMTWMlyvj2IdBgr4-QMnk85N-AbVR_PLRf0kH8CoFUtlVnU5PdtCYacMVO_nHctyIiBwvpoRY7tip_jSssFsw8gn_U8radk&sai=AMfl-YSSgpnZ_3eA8CCTpY23l60V2wU4ycqSvxtlamN2uKQC3_JjvQDpgFxH8qr5iOKmRHzdNhfObq-t-CEAYufWgzaYq9BQ-yqsML46q40_sD6vtt0OkYR8RCdjBwKFTNKUH83h&sig=Cg0ArKJSzCHvp3AUh2-6EAE&uach_m=[UACH]&pr=13:YeFvZgAAAACeNY3aP9Jet777f4ZwSMOe_nxDFg&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=159&vt=11&dtpt=158&dett=2&cstd=0&cisv=r20220112.72808&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFJ8WQGNV2BSGZNihwPVm1U0Gs9X_y7Ff765Ks7LDO18ob2Aw7lBOEgYmvO5NeCxeN4EdiRN0ni75exFuvYpfJ-0TPhzHix1tkMZ-mAmxHERCHCUJkm2DHeAu9-GR06hCDJLJkMvTHp1vbKjMk5lNSn0ap5Q&cry=1&dbm_d=AKAmf-Bi-VnSFbmeKd71gOqUHn9K1J4q43ucgUyKRWup0012ELG4eXOM3gLdor1_tDYFtuDMcEb7S3j34U4dbWWMlPGM1ke-Ftn9q4Vo5SBTKfzi98Hwb_McoNj3rIvsAlrQVnhknQLH578LaCTwP9QF0ionCjl01ftVBVRj-wTefahYYGO62lf1USenQBcY_E7uTWnYzuGm6KvZIwnRien4k58W-iy8h6ubCjJ1BMqEzOKWw3dIaE3jepqmdjbfNZ4Pqymz9dSuT5BJ3Rjw3ziezN0Gz3KP5ivB7Rj0Z0yalhabMG0xV7Ke3lMRCHzG1f9JryrDVpwp5sX5FVdm7Jh1bLQyhm_f9DbPa2WfRnKJUOxsYAokvDNeo_9Wi9XAJy0QF9Fo21TL7vwsuIhqLOs41Rle6KhF33B3livEe75Psh1DKTKJL3s1GWQly1_MnkjWoGghUFl0Xw7wXJ2p0oKsyKa6U0beGjfXRIn93AIIeS0A2MvN9AcT8kKk13fD6E0dm9QYuqd-xpfgAH2fR1wOiSG7oNLhhgKGEuOaljFXP7RKDbNrebN-hzvklbD1DaLxHWQVyZ824tj6EobbwSSS1m-dYslTpe1beMshubih41p4XlNV8HY-hsYISWHtGt9U-s-NtPWgDsooIGe3_WN2F71UOQXLI-jHbYhR-_VBckb9z2obhhT4OMI0X7S7UY1a4FhrA8Jko2FrltsbIo_kljqV6LyIFSnJAj-AtCHbHlHoXFYtq6W-Muqvd8E5O4AmtWcicyM4u1KXTMAK_gXzV6oqA3IBS7dZQoxWOiv238o_WdSRIYWtafAoMXyfzyFS0zzvfkLYKPnmqZCHLDbTNXLUwX2J-6hPmtooJSfMGGiosV2skJV5V-hGlKC57VYU9znI1hQMcSEQue1DOd_wBTjhzdnHwr80JuxVxeHoa6eY_SI8PueNo_PjhwfIClqjPLa0RT7DE04BsdVfhg0GlzPspuW7k-CVvVzGCyxOtxfy5eEyndg30EisFsM911xKSjsFTNLFidb5PgQfvk2SCYo-cK-SHMPiO039iU9zBsEjApMKJ9UEJ-g1NpaXCWld2Me-EM_IrSL893rmyIpfCJThgqTUSp0zEZyTrcRhvwWQ8ZKRl1dKQMmTu0w1EeXBpnRmqQq1HxpPagfUvz2LN2XGoiPL9GFLCvoto-4smXdNlaf27zdiEn7oOBkuwxbiT1XN42mmmDjtiJF4Y98pg-pmxsC5QcPa4oOYeHJGL_q6TaHg5S16HolGwkCg5EZWnbKTVrBv-U2nh3OsSQw48xWENsoeq8ohO7ees9JaxSo6vi5ewlR7NO9H_tPicb8726LEr9ym3hml-mQW9d4PT4fXB6X0cjUDab6TJVk2kXKD1FuYcGbBtrmjYkcq2mnqDTOFKOhDC1wqY_QItSILsmGhiTUFzryFtRFZ-T8g76iHcXob4kl1UOYLuqLisEv6j0n17Ky3-aDafvHNaE99im7TqIP_btIepu85OB8Hdr7UqtcleS0I38M4ZTzhhjM5DtUq8A0E-h5025YCJ-VmJhegSCwAJzpuXHSzjSjbTWrfVbYIYpWjFvVrEKhE13YgcyaRsSJM1QJg-xPqaOSr-GIOnqWLEzaGXOJSB6O8jOxgxL_BbyUZQL3g_WWP9J6wGxfMXZVVTu4NAzeCVDWzmSU5x_tr68VleYAdVYMAk4vbawV2Z-FZyH0Os4D_cUxQuDGcBF82rxS-WWxCFq9Rgza_x9O7OZdjWDq6Xalh15HuO4PhMILXUoPKsQMtHCmY6sSD9RX7Hcfl4KALN51CgsRgPoe6jE58hoEr0VCsL2nrnu53QcJEDTmNTRGaGD-lb82IUJq46YJvHXhhq4Mn5ztXh0i-afdCp7qONpley5xF44NzUtkJOecSH-t9T5f5PhBuqv8EsAxkthDRsF3OrR-jnS7sxYb_sVasZ-0e7H6tslvj8zCW17mvX6vyHI_HBS4UmAdMupOEgynkuDj1VaQ5bm-z5NwpTivqUGyDGJx81irl3N0BqUtF8DT0vb6WqYcD48myQ--lHKH3qiSSnmpIqfEqkf3CWQlTUs9KHZfL2I4nKR_5LRDllWsZUjy_oIqE7iIlC8HSm8cas2JX-Xn-zIA-6gQvYUMNIVm1oW2fkkEQo2Yp0L3kUxOAM-_K7kFChKKuqzUc07sDokQ6o0oNrF2Xy-Co962PThF28jX_kDcHZuRPFcDcmlIw5cw__Xjprc2ra8LaVwf7hezxmTSoDyPGPT5qSpuc4qs9XQ6tSAm4LPVqInrFHkGCjBhOJ5eEEfffVsy3DN1n4lxE5q-MuItavGqNFXPmWco6lE-WMuNgY0WJPblByk9Q7CFq-1SZgAXu9o_JTeP99AP9ewvy7Idooc4K5gxMdPPq1lPV0wbxDylETIpcmQCzTzvSoQN6Nl0zd-Qshu-wjUPNkztm68B7rhkJV4jQ0VcinbaswpAJyftBcvCLEEJo0E-I-mpDQhTyzcSwBiMsQrLok8NVVmGldGOHZ8l57UV_RMOlfj7pzZRYsC6eI6iNDtzSGNb8I_0H2P90bSRfUY6PLSSviQq2Ni2F9Jolk7G3Y9YO20j_f9NmssjTiwL7OPExzZnTXggHTBYEE9iE156S5xpw-YiUAGzV_JqEueH16oLGzGi0zquk0AdsTK5sfrhTFFcHjPFlA30VGCy7pdDYl3xaJt6O9rcTUVhIrQshOGP-Zvre15vomm7GbDSHBevOyVVq8BHxux5fKdewO1uDnoEq12GY3L4Ob9K651wiLdS3syZVqyMEBtpr1Kp3gefeTTcRLU2_qAVqexz5uFi85FW8vfOmh9OMq7CEI74Q06bgSTcjMpD0aV98dp3nv682Mvyz6ofB2EJkTXfPnBVIUMrRjSE50HyRAGtLPa6rddhZsDDR7XL5FK2FOFtmvW2VcRnFc0vUaQz3fyysQRAErRcBuYhV6FoTxYYqY8x9ewVuJBxMMm9lztWOs3vXugQ5k1xnQOfda1o90jn7l_bG_CJGAVDzfsaloDC0J-triuZao4_cDYI3VvjMDc_hkb1UJAL2iQwggmKArPuLPUlx_0i9-NZkSg&pr=13:YeFvZgAAAACeNY3aP9Jet777f4ZwSMOe_nxDFg&cid=CAASBORoxys&rfl=2%2Chttps%253A%252F%252Fwall.alphacoders.com%252Fby_sub_category.php%253Fid%253D289267%2526name%253DShadow%252Bof%252Bthe%252BTomb%252BRaider%252B%2525D0%25259E%2525D0%2525B1%2525D0%2525BE%2525D0%2525B8%2526lang%253DRussian%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 12:41:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD7D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BI9F0aW_hYaykHNKpyQPCkamYBQAAAAA4AeAEAg&bg=!_v2l_bnNAAaocxMpqHM7ACkAdvg8WsQIrLKwS0_P361bwichB0jlUHF1kikbpzLsdfrx0F9anycnGwIAAABcUgAAAAJoAQeZA1JIo-OeX8_j_pg7ExnoP8Whfa9F5TO4-DKAVDEn4kQ5B4mQcREAXTK3otIamqsVvDlgpOEtRIBBN2b_5Hq1wXjtQl-naPgcAADk2CLHkbm10kTz8BZjARqiXvyub51StraAfUKXSYHeDY_gJHCgTU3lAxdpCkfZI0hz8JzLj7o19TNb7o9M-Pg9nJK59C8ZMdu5Vt-Z-onxB_m7TSRr_Ivi5zfDld62Q6ln70HOa18ShtVLxe7Ofw6rNbuNNmeb4RHI8YA2XJhmSkEaY2qarBy8G2AFFZQjOGiCUnxNnmY6QlTBkSBjUAvnNVau4cXLqPveYsCsh9dOzdwRIO9oTka_L516ytjeG19hJy3ClNoU9PU2rRCHNCiM4Q3h_ly7NyCr9A7JkmhSqulbvDvmIhomckxVwW_8qgYegyPIU2t49Zlky8brI5lcCELphxbjxhfyWH1k8vTIrJoC1L-slRHS-2p1M8PBJ4K1Qvs3E3yDtDzKEsAyrWuFyEh1J2pPbSXmXx3L2v2K3CuwcTCpgCOymdyrPtvZ2cFnlmSwCpmyjwbIbOl6k7xfqRoUNlgP2t5GC6iDkL71B92z2vi2-Gd9WVDd_6EFfRrSZ6dMLZzKopMgLyeCGapCzbOyPacue8g-xCixmrukTshl-6qMHdrlh46nryCwFxTVXF-l861xXqnl2zXpP6rDEGSxH4zNLRVrUID-TArmStMKviDKIUfWbCN8TRYRZ74jGU11xR1wMD2Cn3mWQjVwNuEzgDKEPL6GKa0kDCSFUpvrTEmLkYJrEW9JXOOMJYkPAwLQyjOB5zcJan_DOWz5JtUbq9DkCFbV2qGFyVwJFaqTEznK2CMKjVaqb76CmL8aE_MS_eLdzD3ms9znV7V7BVx7EVxCSEXvnyFipdhckS2YDxTaoAhfcbA1GFbK_n_8Ws8zO-WXBXGakD_ju78RBM3hvkCuw0aeDC6E3WO3FY8J7oUp0NEHh8jwuNreJ0bUpKj0qdaYSzJL9r05PPeQkL2ZflGACg9SFfkCYQIlNVI9J0x7EfR2RaajTuXbpPDqg2xQpm4l2iETEUIU3QOhLGPztIX5nMZq0dzIKWb-995B9AbiUW3N1Lhre3UQ2gg6HcCtP0xQr_SD
Requested by
Host: 56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com
URL: https://56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tf_adChoice11.js
cdnx.tribalfusion.com/media/common/adChoice/ Frame B459 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnx.tribalfusion.com/media/common/adChoice/tf_adChoice11.js
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2525
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-function
301
last-modified
Mon, 22 Mar 2021 08:13:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
cf-ray
6cd6eff53b43713e-YUL
expires
Tue, 31 Dec 2030 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame B459 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=10806271254&tagKey=3171182075&loaderVer=0.1&site=alphacoderscom&adSpace=ros2&center=1&env=display&size=970x250&busted=1&url=https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian&f=1&p=3993840&tKey=asmneMXF37UtFQnPMCmcvqNqroR70fsK&a=1&adContainerId=richmedia_2&rnd=3995891
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
162a6b3bdfbd0f251e65e340c383b01c333ab0c1e5c1688e93afc965abbeab5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:13:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4396
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:01:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 14 Jan 2022 13:13:10 GMT
impl_v82.js
www.googletagservices.com/dcm/ Frame B459 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v82.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
922e306a6fe0ede719a7fc79f287dfabf6cd9234583d778ec544a88eed908db2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17197
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 15:37:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 15:51:19 GMT
mut
ghb.adtelligent.com/adunit/ Frame 1D83 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/19006/pbm_307825_11597.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.deliveryapis.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.deliveryapis.com
Date
Fri, 14 Jan 2022 12:41:13 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
B26160057.315763075;dc_ver=82.239;dc_eid=40004001;sz=970x250;u_sd=1;nel=1;cid=0002910059;dc_adk=635667947;ord=cgzkre;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FarmXpm4sY40UUZaTPXn2AU7R6bB3t...
ad.doubleclick.net/ddm/adi/N5877.2106305EXPONENTIAL/ Frame 1E5E 		48 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N5877.2106305EXPONENTIAL/B26160057.315763075;dc_ver=82.239;dc_eid=40004001;sz=970x250;u_sd=1;nel=1;cid=0002910059;dc_adk=635667947;ord=cgzkre;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FarmXpm4sY40UUZaTPXn2AU7R6bB3tvy0t3ZcpdEO4AvV5GjbTsYkWGb8RP3yTdUTWbbP2benVqMnTTv8QqnZbSVQBRFIoRtYdUGn54UPqodIOXaPu4dMZdPsBG5mnIpWXrVHjfXFYj1Ufi0qyOSbJAUbJSTdM4orZbxPFJrXTQy5Ejl5anQoEjI1bb8WHfVmmfKpGMwoWMJ3TQi3Weo4AZbGnbvEYs7RYVM51Vjomq7P5UF2TFnZcWEqxunyXmRFXyAZaioHMpQAvIZccHaPu%2F;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian$0;xdt=0;crlt=p)o(ELNi46;sttr=28;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v82.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
cafe /
Resource Hash
9c824a2df13f459cdb64f728e3ff63aea3cc0f370769cfc254700012f4d98afa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 14 Jan 2022 12:41:13 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
23446
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p.media
s.tribalfusion.com/ Frame E79B 		273 B
602 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=asmSg31rZb8WHbSoPnInGnpmH3E2Evh2tIN5PZbLmbYZd0GUPYcJ50VvMmaBS3bUTTFbZaUPv4PEbXSsFtQdFrYHrqVPvM2GJ30UFZaVmPw5mrePmMF2dUs1dnZdpdAo5PBT5GbgVsMaUc78RAvvTtQ3UbF12bZaxUaMvVEJbSTYFScQZdRrZatRHMkWVQ54UyxnWytXEPw3tnZaPcjC2mJHmdXyTcr6TVrUtfe2ZcE&mediaDataID=6530936&mediaName=frame.html
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4069942a3715ffb0e102dacffc0a828c5e124814c7a92384d243a7801cbe9c69

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

date
Fri, 14 Jan 2022 12:41:14 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
29
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cd6eff59cceca53-YUL
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 1A5A 		211 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=atmSg3UVMT2FumnHyqXqyw4dQASVZbE5AnHotinUHj60bUaYUUg0qqnSUnAUbQ0Tt3UobJnPUrt1TZbs5EFa2Tj4ma7GYF3cWHrWoAUBmcYwoWfB5TMe2dan3AbGnFbJXs701sn5XGbnnEFU2FQ2VUJFVAnWRTrQQsZbtStZbr1HvrT6Qx3Gn5XUvDT6mw56F6PPFD3HYy1tYZcpd2o36BY5HJ7XUUVrZcRRMt&mediaDataID=6347136&mediaName=frame.html
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04193cb4ce2a579535a7d07a64bb9772cc5ff896b6de494b06e386b8219c2d5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

date
Fri, 14 Jan 2022 12:41:14 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
30
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cd6eff59ccfca53-YUL
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame D7B1 		240 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aumSg30UUIVmqn4PUhRPJD4Wnt0tnCmdao5mrT4cQ7VcrdWcnhRAFNTWMPUFjY5bIwUarpVTJcSEJZdSGBCRFqrRtM8WcjQ2FeqodIOYTPp2tbHQcZbZc46MImdEyTdQcXU7k1FjgXaeMRrrGTFUSVdn2nrBuRFbNYTFs3TZba4T75oTBDXb77WWJXmPrBmsfootQA2TY82Wem3AvGprbEXtZbQUUYjNn6ndM&mediaDataID=4056396&mediaName=frame.html
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03ac1f39308ee6b9fdc1612192a2958ecccff14b8b14086c70d6fc6834f01199

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

date
Fri, 14 Jan 2022 12:41:14 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
22
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cd6eff59cd2ca53-YUL
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame A1D6 		379 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=avmSg3WHbSoAnKpVrsmWbA5Evi5dep4ABGnbQJYVUQ1cv20GrunEvR2bMQVr7GUArVRTM1QcZbqSd3O1dfuTPfO2G31XbFZcVmar2PneQAFK2HZbm0dYZcmHTM363Y5GjdTVBjUsJhPPYoUtvVTbfP3rapVqMwTEYlQEBZdQVJCPFuqPHU8VcQQ2UTxmteOYE6x2W3GPV7Zd5PQJmdXyVWQhXTZbbUcFXvnBGIA&mediaDataID=6546596&mediaName=frame.html
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff6378bc3717694e848610ef22d130292b382ff46b295598d9e14bbc72ca8aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

date
Fri, 14 Jan 2022 12:41:14 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
32
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cd6eff59cd6ca53-YUL
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 632B 		257 B
593 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=awmSg32FumodirXT2n3HjGSGbH5AMLmW6yTHbcYrUb1Ubf0auqRrJBTbv4VHY4orFvRFjqYEFr3E3k4qnRoanEYFJdUtrToA7ZcpG3wpdQJ3TZbe3tat5PjJprvEXsfWYVZbVXVZbupTb43FvWWUbZcWPY5QErRSs3MQdUOYt7uVPbN4sUYXF3ZdTmXw4AQeQPrC2drs1HUDmHEy36BY3sjgTWjc1U7YqlAd3x&mediaDataID=2713736&mediaName=frame.html
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4db67c448ca641e0140052139a0453a31be0d1163421e50ab602cd6d9ae112a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
15
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cd6eff59cd8ca53-YUL
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 2410 		307 B
628 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=axmSg3Vmqn2PU7RmjG2HvsXWZbKmH6u4PvY5cYdUsrcUcBeRPJxUtFQTFF33UZamUqvxTEQbQTBZaQGYIPbevPtj6WcvQ4reuodym0qTp3H3ZdQVrD4mUIpWZapVWZbhXUf9YbQ9XqAqPbUZbUFMXWd3WmbfmQUbM1TUy5EUk2avRmaMF1rY8UHrVn63BnVMwpt7B3qre2daM467IprbE0Gf0YW73VrbKt64Q6N&mediaDataID=8039566&mediaName=frame.html
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c21a8ade1093c7a16ea7ed061a48de84ddf7e9c3e0f31de21a36dffd50fe2e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

date
Fri, 14 Jan 2022 12:41:14 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
1
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cd6eff59cdaca53-YUL
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame F475 		445 B
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aymSg3oAnKpGvmoW3A2ane5tEM46jJmF3EXV3WXsv3XGFxnTrW3FFPWrJDWmn2REnSSsUtQtUyYdnoVmrp4GZbYXbQZbTAau2PFdR6BK3trO0HBZdnWay4mUV3sngTVJ6WVr8PAnxWdY3UbB12rIuWaUoWTYiSEQFSGQIRr6vRt77UVQS4UetnWAOXaqp3WjHQsZbF563EpHAoVWQh0bfkYaMeVWeGqZcsZbJH&mediaDataID=6719746&mediaName=frame.html
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fda4f60eb66bb7a5162367aec31f6c0d56ede57a784c985e68bc58a11e5d8c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
59
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cd6eff59cdeca53-YUL
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 9D92 		262 B
595 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aMmUoeodiq0qmy2WfEPVFF2mnLpWTtUHfhXr39XFbeXaItRbFEUFB5WHn0mFBoRU7y1T3s5TUj2qfXmEjI1FYbUt7VmPrKpGfrmHUJ2ar73dms4AJJnUrL0GMYXcJ0XVrnmTfV2FrPTFFFUP7VQanQQVZbtPHJx1WvoWmvO2sZbWXUZbJVmqw4AZb9R6JK3HrpXdQZdmH2u5PBV3cM7Us39WGnlRAMoWdF3WrM10FADpZdFuBZc&mediaDataID=5578346&mediaName=frame.html
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34ba0b3b32af297d2103c76061e78efadf5a08daf4685be3979a470464b7f5ff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
14
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cd6eff5ace1ca53-YUL
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 2D71 		300 B
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aNmSg32PU9R6bA2tvq1WvJpdem4PJR5cUgTsM6VsBfPPvuUdJTUbM22UarWEMmTT3jSEYZdSVQLRbmpRWniUcfS4ryrmter0q6y4dYZdPcZbZa46JIoWeqUtja0brkYbYk0TyMPrMEWU3SVdr2nbFxPFZbrXEUO3EFa4q7XoTbIYFUaWHJ1mmYZcmcUwoWrJ2qFf3HIt4PjFmUMK0Gf01cFV0t3wMdbbMK24ul&mediaDataID=6807466&mediaName=frame.html
Requested by
Host: wall.alphacoders.com
URL: https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
667a7f1a3c8a37221bb65226355ca106201b452ab6e32a67f1c07aa5ee258223

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian

Response headers

date
Fri, 14 Jan 2022 12:41:13 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
18
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cd6eff5ace2ca53-YUL
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
view
securepubads.g.doubleclick.net/pcs/ Frame B459 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOs6CmkIgKFhU1DrVz1QroZF2LjwHjZ0VQugIPGJxLrIvRmOLJhwFpT4bIF-eo7J8MKZsr0dNP16jXYatG8ADcv5xFtBd8uH8mB8mc5YbJK50VFuI6ZsESk7W4EzA9Y09JYso1FJkYnMW9rembHTHc5lajSIHzJuOsDK0ojQjMsWvpGA1zFeUVMrEs5J1J3hSjnIK_O-1nJrSJmeI0p45IRFjJayIzkPXSNK1-hPiiRPQfvgj6DB8sDQi0H4jwnfBsBmsXmplfd3OoQybfRrhZXVkvF59F2wPKYs4kFrqyVNpa_F6Bg4fEg5rpExRFyA_PWUJeISazeI4&sai=AMfl-YSvAO7G_Jp0Dp7CXIanZlvLsbsKy0eYl2mtqowteifqv31BEd5O7kKOxx5exKLvYFA8Mu7Zst8GDMGr3SsPayIPRuc-EWnZ6oPcEAKxeRffyyT3sBnhXRbkj8Mz_Z40&sig=Cg0ArKJSzGWuuVDb3Gx8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 12:41:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 14 Jan 2022 12:41:13 GMT
truncated
/ Frame B459 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c62218dc4c9ed3181be7ec2f7c8ece3e5f686fbc2074ec24525529d510a523d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
i.match
a.tribalfusion.com/ Frame 632B
Redirect Chain
  • https://tags.bluekai.com/site/4229?id=18072662314459756810&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
  • https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
43 B
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=awmSg32FumodirXT2n3HjGSGbH5AMLmW6yTHbcYrUb1Ubf0auqRrJBTbv4VHY4orFvRFjqYEFr3E3k4qnRoanEYFJdUtrToA7ZcpG3wpdQJ3TZbe3tat5PjJprvEXsfWYVZbVXVZbupTb43FvWWUbZcWPY5QErRSs3MQdUOYt7uVPbN4sUYXF3ZdTmXw4AQeQPrC2drs1HUDmHEy36BY3sjgTWjc1U7YqlAd3x&mediaDataID=2713736&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:14 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6cd6eff74df7ca53-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
Date
Fri, 14 Jan 2022 12:41:14 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
i.match
a.tribalfusion.com/ Frame F475
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726623144...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726623144...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662314459756810&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
  • https://a.tribalfusion.com/i.match?p=b11&u=089EF038-E12B-4E9D-A8A5-824724A54C8C
43 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b11&u=089EF038-E12B-4E9D-A8A5-824724A54C8C
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aymSg3oAnKpGvmoW3A2ane5tEM46jJmF3EXV3WXsv3XGFxnTrW3FFPWrJDWmn2REnSSsUtQtUyYdnoVmrp4GZbYXbQZbTAau2PFdR6BK3trO0HBZdnWay4mUV3sngTVJ6WVr8PAnxWdY3UbB12rIuWaUoWTYiSEQFSGQIRr6vRt77UVQS4UetnWAOXaqp3WjHQsZbF563EpHAoVWQh0bfkYaMeVWeGqZcsZbJH&mediaDataID=6719746&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:14 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6cd6eff83e91ca53-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://a.tribalfusion.com/i.match?p=b11&u=089EF038-E12B-4E9D-A8A5-824724A54C8C
date
Fri, 14 Jan 2022 07:21:49 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug010:0:783
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame 1E5E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N5877.2106305EXPONENTIAL/B26160057.315763075;dc_ver=82.239;dc_eid=40004001;sz=970x250;u_sd=1;nel=1;cid=0002910059;dc_adk=635667947;ord=cgzkre;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FarmXpm4sY40UUZaTPXn2AU7R6bB3tvy0t3ZcpdEO4AvV5GjbTsYkWGb8RP3yTdUTWbbP2benVqMnTTv8QqnZbSVQBRFIoRtYdUGn54UPqodIOXaPu4dMZdPsBG5mnIpWXrVHjfXFYj1Ufi0qyOSbJAUbJSTdM4orZbxPFJrXTQy5Ejl5anQoEjI1bb8WHfVmmfKpGMwoWMJ3TQi3Weo4AZbGnbvEYs7RYVM51Vjomq7P5UF2TFnZcWEqxunyXmRFXyAZaioHMpQAvIZccHaPu%2F;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian$0;xdt=0;crlt=p)o(ELNi46;sttr=28;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Jan 2022 12:33:12 GMT
usermatch.gif
beacon.krxd.net/ Frame 2D71
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662314459756810&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662314459756810
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662314459756810
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aNmSg32PU9R6bA2tvq1WvJpdem4PJR5cUgTsM6VsBfPPvuUdJTUbM22UarWEMmTT3jSEYZdSVQLRbmpRWniUcfS4ryrmter0q6y4dYZdPcZbZa46JIoWeqUtja0brkYbYk0TyMPrMEWU3SVdr2nbFxPFZbrXEUO3EFa4q7XoTbIYFUaWHJ1mmYZcmcUwoWrJ2qFf3HIt4PjFmUMK0Gf01cFV0t3wMdbbMK24ul&mediaDataID=6807466&mediaName=frame.html
Protocol
H2
Server
44.194.147.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-147-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:14 GMT
cache-control
private, no-cache, no-store
x-request-time
D=42 t=1642164074
x-served-by
beacon-n020-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:14 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
971
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6cd6eff67c8e713e-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662314459756810
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 9D92
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662314459756810&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662314459756810&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
  • https://a.tribalfusion.com/i.match?p=b13&u=64476358923126224793280621740210638359
43 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b13&u=64476358923126224793280621740210638359
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aMmUoeodiq0qmy2WfEPVFF2mnLpWTtUHfhXr39XFbeXaItRbFEUFB5WHn0mFBoRU7y1T3s5TUj2qfXmEjI1FYbUt7VmPrKpGfrmHUJ2ar73dms4AJJnUrL0GMYXcJ0XVrnmTfV2FrPTFFFUP7VQanQQVZbtPHJx1WvoWmvO2sZbWXUZbJVmqw4AZb9R6JK3HrpXdQZdmH2u5PBV3cM7Us39WGnlRAMoWdF3WrM10FADpZdFuBZc&mediaDataID=5578346&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:14 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6cd6eff9afa7ca53-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-usw2-1-v023-0a2259a3e.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Dm8YDpMBT24=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://a.tribalfusion.com/i.match?p=b13&u=64476358923126224793280621740210638359
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 1E5E 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N5877.2106305EXPONENTIAL/B26160057.315763075;dc_ver=82.239;dc_eid=40004001;sz=970x250;u_sd=1;nel=1;cid=0002910059;dc_adk=635667947;ord=cgzkre;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FarmXpm4sY40UUZaTPXn2AU7R6bB3tvy0t3ZcpdEO4AvV5GjbTsYkWGb8RP3yTdUTWbbP2benVqMnTTv8QqnZbSVQBRFIoRtYdUGn54UPqodIOXaPu4dMZdPsBG5mnIpWXrVHjfXFYj1Ufi0qyOSbJAUbJSTdM4orZbxPFJrXTQy5Ejl5anQoEjI1bb8WHfVmmfKpGMwoWMJ3TQi3Weo4AZbGnbvEYs7RYVM51Vjomq7P5UF2TFnZcWEqxunyXmRFXyAZaioHMpQAvIZccHaPu%2F;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian$0;xdt=0;crlt=p)o(ELNi46;sttr=28;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Origin
https://ad.doubleclick.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 06:04:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23791
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Jan 2022 06:04:43 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1E5E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N5877.2106305EXPONENTIAL/B26160057.315763075;dc_ver=82.239;dc_eid=40004001;sz=970x250;u_sd=1;nel=1;cid=0002910059;dc_adk=635667947;ord=cgzkre;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FarmXpm4sY40UUZaTPXn2AU7R6bB3tvy0t3ZcpdEO4AvV5GjbTsYkWGb8RP3yTdUTWbbP2benVqMnTTv8QqnZbSVQBRFIoRtYdUGn54UPqodIOXaPu4dMZdPsBG5mnIpWXrVHjfXFYj1Ufi0qyOSbJAUbJSTdM4orZbxPFJrXTQy5Ejl5anQoEjI1bb8WHfVmmfKpGMwoWMJ3TQi3Weo4AZbGnbvEYs7RYVM51Vjomq7P5UF2TFnZcWEqxunyXmRFXyAZaioHMpQAvIZccHaPu%2F;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian$0;xdt=0;crlt=p)o(ELNi46;sttr=28;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 06:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Jan 2023 06:15:31 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 23CC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 14 Jan 2022 06:15:31 GMT
expires
Sat, 14 Jan 2023 06:15:31 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
23143
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i.match
a.tribalfusion.com/ Frame 1A5A
Redirect Chain
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662314459756810&_origin=1&redir=true
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662314459756810&_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662314459756810&_origin=1&redir=true&apid=UP4285f951-7537-11ec-b336-0e8af3d3cab3
  • https://a.tribalfusion.com/i.match?p=b17&u=UP4285f951-7537-11ec-b336-0e8af3d3cab3
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b17&u=UP4285f951-7537-11ec-b336-0e8af3d3cab3
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=atmSg3UVMT2FumnHyqXqyw4dQASVZbE5AnHotinUHj60bUaYUUg0qqnSUnAUbQ0Tt3UobJnPUrt1TZbs5EFa2Tj4ma7GYF3cWHrWoAUBmcYwoWfB5TMe2dan3AbGnFbJXs701sn5XGbnnEFU2FQ2VUJFVAnWRTrQQsZbtStZbr1HvrT6Qx3Gn5XUvDT6mw56F6PPFD3HYy1tYZcpd2o36BY5HJ7XUUVrZcRRMt&mediaDataID=6347136&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:14 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6cd6eff83e94ca53-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://a.tribalfusion.com/i.match?p=b17&u=UP4285f951-7537-11ec-b336-0e8af3d3cab3
date
Fri, 14 Jan 2022 12:41:14 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1E5E 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Jan 2022 12:41:14 GMT
US_BrandTrust.html
s0.2mdn.net/sadbundle/5889853837245677568/ Frame CA16 		41 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5889853837245677568/US_BrandTrust.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc48df38da01e03d6bab82a753b6d5712e1c660e4e563f09b2433b1313ae6872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
12120
date
Tue, 11 Jan 2022 13:09:34 GMT
expires
Wed, 11 Jan 2023 13:09:34 GMT
cache-control
public, max-age=31536000
age
257500
last-modified
Fri, 02 Jul 2021 15:29:15 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 1E5E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGwRN_vufMLX4-IZslzWIhXVhMPwR8JPY2_Wcl4m1AiLKMYvLB959N6HApM8bSXhUUR4lOVAxFc6BoGdFrXVoz3cibv09aFxUqyU0-ISOCn6ZVQsuO_DFNNDS-e9BaFEZx0Lca24z_MGBwL_OMwrtPZgfqjNsmt_XXP9QhUtcTc891pGlFeg&sig=Cg0ArKJSzBbCZy17_aMTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=111&cbvp=1&cstd=107&cisv=r20220112.78976&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N5877.2106305EXPONENTIAL/B26160057.315763075;dc_ver=82.239;dc_eid=40004001;sz=970x250;u_sd=1;nel=1;cid=0002910059;dc_adk=635667947;ord=cgzkre;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FarmXpm4sY40UUZaTPXn2AU7R6bB3tvy0t3ZcpdEO4AvV5GjbTsYkWGb8RP3yTdUTWbbP2benVqMnTTv8QqnZbSVQBRFIoRtYdUGn54UPqodIOXaPu4dMZdPsBG5mnIpWXrVHjfXFYj1Ufi0qyOSbJAUbJSTdM4orZbxPFJrXTQy5Ejl5anQoEjI1bb8WHfVmmfKpGMwoWMJ3TQi3Weo4AZbGnbvEYs7RYVM51Vjomq7P5UF2TFnZcWEqxunyXmRFXyAZaioHMpQAvIZccHaPu%2F;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian$0;xdt=0;crlt=p)o(ELNi46;sttr=28;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 12:41:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
i.match
a.tribalfusion.com/ Frame D7B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662314459756810
  • https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEM7v035Oj86rIzv7A5qzNUM&google_cver=1&google_ula=2786954,0
43 B
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEM7v035Oj86rIzv7A5qzNUM&google_cver=1&google_ula=2786954,0
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aumSg30UUIVmqn4PUhRPJD4Wnt0tnCmdao5mrT4cQ7VcrdWcnhRAFNTWMPUFjY5bIwUarpVTJcSEJZdSGBCRFqrRtM8WcjQ2FeqodIOYTPp2tbHQcZbZc46MImdEyTdQcXU7k1FjgXaeMRrrGTFUSVdn2nrBuRFbNYTFs3TZba4T75oTBDXb77WWJXmPrBmsfootQA2TY82Wem3AvGprbEXtZbQUUYjNn6ndM&mediaDataID=4056396&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:14 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6cd6eff77e0cca53-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEM7v035Oj86rIzv7A5qzNUM&google_cver=1&google_ula=2786954,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A1D6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=80d07be0-3b43-452f-84aa-9ac85022d3dd
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662314459756810
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662314459756810
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=avmSg3WHbSoAnKpVrsmWbA5Evi5dep4ABGnbQJYVUQ1cv20GrunEvR2bMQVr7GUArVRTM1QcZbqSd3O1dfuTPfO2G31XbFZcVmar2PneQAFK2HZbm0dYZcmHTM363Y5GjdTVBjUsJhPPYoUtvVTbfP3rapVqMwTEYlQEBZdQVJCPFuqPHU8VcQQ2UTxmteOYE6x2W3GPV7Zd5PQJmdXyVWQhXTZbbUcFXvnBGIA&mediaDataID=6546596&mediaName=frame.html
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:14 GMT
via
1.1 google
server
OXGW/17.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:14 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
678
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6cd6eff7ae47ca53-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662314459756810
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame E79B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662314459756810&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
  • https://a.tribalfusion.com/i.match?p=b20&u=YeFvaV4TKkZCtr9DqiYr3QAA
43 B
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b20&u=YeFvaV4TKkZCtr9DqiYr3QAA
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=asmSg31rZb8WHbSoPnInGnpmH3E2Evh2tIN5PZbLmbYZd0GUPYcJ50VvMmaBS3bUTTFbZaUPv4PEbXSsFtQdFrYHrqVPvM2GJ30UFZaVmPw5mrePmMF2dUs1dnZdpdAo5PBT5GbgVsMaUc78RAvvTtQ3UbF12bZaxUaMvVEJbSTYFScQZdRrZatRHMkWVQ54UyxnWytXEPw3tnZaPcjC2mJHmdXyTcr6TVrUtfe2ZcE&mediaDataID=6530936&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:14 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6cd6eff78e13ca53-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 12:41:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://a.tribalfusion.com/i.match?p=b20&u=YeFvaV4TKkZCtr9DqiYr3QAA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
255
Expires
Fri, 14 Jan 2022 12:41:14 GMT
ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js
pagead2.googlesyndication.com/bg/ Frame 23CC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdeeaca456001a6797d1256ce2e3be59f8229174301f475c1e0b9a88b7fcb1ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 06:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
194228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13313
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 06:44:06 GMT
css
fonts.googleapis.com/ Frame CA16 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed|Roboto:100,200,300,400,500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5889853837245677568/US_BrandTrust.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46f155dd64b2bebe72c36880c6b9aecb87c36212fd83fcc61c565a47d77c3a1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 12:30:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 14 Jan 2022 12:41:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jan 2022 12:41:14 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame CA16 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5889853837245677568/US_BrandTrust.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5889853837245677568/US_BrandTrust.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Jan 2022 12:41:14 GMT
DrawSVGPlugin.min.js
s0.2mdn.net/sadbundle/5889853837245677568/ Frame CA16 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5889853837245677568/DrawSVGPlugin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5889853837245677568/US_BrandTrust.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90bdd23965b9f7b74e68ae920a3e667d946a0588824e59efd15233e9a9c2fde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5889853837245677568/US_BrandTrust.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 13:09:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257500
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1596
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 15:29:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Jan 2023 13:09:34 GMT
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 2410
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662314459756810&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662314459756810
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662314459756810&cookieRequired=true
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662314459756810&cookieRequired=true
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=axmSg3Vmqn2PU7RmjG2HvsXWZbKmH6u4PvY5cYdUsrcUcBeRPJxUtFQTFF33UZamUqvxTEQbQTBZaQGYIPbevPtj6WcvQ4reuodym0qTp3H3ZdQVrD4mUIpWZapVWZbhXUf9YbQ9XqAqPbUZbUFMXWd3WmbfmQUbM1TUy5EUk2avRmaMF1rY8UHrVn63BnVMwpt7B3qre2daM467IprbE0Gf0YW73VrbKt64Q6N&mediaDataID=8039566&mediaName=frame.html
Protocol
H2
Server
35.190.126.92 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
92.126.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:14 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

location
/dspreply?dspId=15&dspUserId=18072662314459756810&cookieRequired=true
date
Fri, 14 Jan 2022 12:41:14 GMT
via
1.1 google
alt-svc
clear
content-length
113
content-type
text/html; charset=utf-8
KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ Frame CA16 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed|Roboto:100,200,300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:33:56 GMT
x-content-type-options
nosniff
age
475638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15712
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 09 Jan 2023 00:33:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame CA16 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed|Roboto:100,200,300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:09:49 GMT
x-content-type-options
nosniff
age
477085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 09 Jan 2023 00:09:49 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame CA16 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed|Roboto:100,200,300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 19:27:19 GMT
x-content-type-options
nosniff
age
580435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 19:27:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame CA16 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed|Roboto:100,200,300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:23:56 GMT
x-content-type-options
nosniff
age
245838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 16:23:56 GMT
multitracking
ghb.hb.selectmedia.asia/adunit/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hb.selectmedia.asia/adunit/multitracking
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hbw_master_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://wall.alphacoders.com
Date
Fri, 14 Jan 2022 12:41:14 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
gen_204
pagead2.googlesyndication.com/pagead/ Frame 23CC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bc-MWaW_hYe6SOJOUzgXIjYfwDwAAAAA4AeAEAg&bg=!vb6lvvrNAAaocxMpqHM7ACkAdvg8WjRPPZKmy2r-uedUPvjHRCK9ENsUWmuITqUD8fiHgeMV6sQlFwIAAADdUgAAAAJoAQeZAvqsBp1ilknFNOzK9seoahgXVqKCvRKtaxwfpncoNr5SRxgHd-gcSRyvvn3v92V0RaBjxwuIbGThm8goph7vvlGNxtZB35AvJGH1UesHGJp1ZgZ6gGIabB2pgorr2O_3psiI69g1pGKBz5s-lEkNhMY9QyQRf6rW7J0UtqtU4iHFKV7CiqMF9t6qazZXw4niCrMwaRYF_40PVpcY0T8M5fSz8w5uPNRDavrQZ6RV1Ib1NpWDcRU_TkqZKz5SFhLUU2FOu0exbSqHypFHO9_jp_fS7wkuHQCUSKFCvF-6z0lQlgPinsJeyUiOxDqsTeJEswPXd_JByQXAn5oiw1FLLqG_q3I-1WfrP6w_7lYrfnNdz5EpduOdPjdnBn382xdoaKbRh4Eb_SkdPzEtRkTAgz8eCW93pE_SqAoA02IhfnbIMBIiGlRg2qJyFpngEOJHIW1SS3VBHo9_Gi630ZYI-gKQywVLtsoDgEkibNFi16Gr-36HojCoDlzTIyib-Z_dG0u2je7rEI5cgtaMEuExbi53ON8GVnHmH-f6r8nEprMAjjdzBSmv-UDc4IJEeJapi-Y5AF3vhCdkvSlsxC-FW_ZBpTH_-7mA9gtK87oR9Vn0hN6efRXR-75hmIiyqJhhcLKfSafi6W4bw4t2vZW6ijUzyzCUPgvssTH1mqYiYdLLpF1FSf1gd4KwLoYXlMuJ1olJFIg9yuhzBNcJf-29-BsHWopJ7ziayq4sXbBl8Lz82GTDHpYv60_L6omHf-VF8s_emQaMj55pCf69wajdcvl3wqoEQ40erS_Ft5ra5r89gz_o0Inz0zrVQh83CxHdfTQ5-LMu1SYcitXTB0mlqWOXXgHMd6BpCjVAhvKCaxw8b8E7xv09McO4Rr2gzLFnUwhNMJs5Ct-9HrfmSNhP9LvC0VfhfTIXLUK6912Yy6dxQqF_vNbPy5HeO3JckGD35-WmHc3bKf7CGyD4Ko8C4D2JckIfMbq5ifD8FMvGzwS9X6rmOAHMaGlKE0I
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N5877.2106305EXPONENTIAL/B26160057.315763075;dc_ver=82.239;dc_eid=40004001;sz=970x250;u_sd=1;nel=1;cid=0002910059;dc_adk=635667947;ord=cgzkre;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FarmXpm4sY40UUZaTPXn2AU7R6bB3tvy0t3ZcpdEO4AvV5GjbTsYkWGb8RP3yTdUTWbbP2benVqMnTTv8QqnZbSVQBRFIoRtYdUGn54UPqodIOXaPu4dMZdPsBG5mnIpWXrVHjfXFYj1Ufi0qyOSbJAUbJSTdM4orZbxPFJrXTQy5Ejl5anQoEjI1bb8WHfVmmfKpGMwoWMJ3TQi3Weo4AZbGnbvEYs7RYVM51Vjomq7P5UF2TFnZcWEqxunyXmRFXyAZaioHMpQAvIZccHaPu%2F;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian$0;xdt=0;crlt=p)o(ELNi46;sttr=28;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1E5E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGwRN_vufMLX4-IZslzWIhXVhMPwR8JPY2_Wcl4m1AiLKMYvLB959N6HApM8bSXhUUR4lOVAxFc6BoGdFrXVoz3cibv09aFxUqyU0-ISOCn6ZVQsuO_DFNNDS-e9BaFEZx0Lca24z_MGBwL_OMwrtPZgfqjNsmt_XXP9QhUtcTc891pGlFeg&sig=Cg0ArKJSzBbCZy17_aMTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=418&vt=11&dtpt=307&dett=3&cstd=107&cisv=r20220112.78976&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N5877.2106305EXPONENTIAL/B26160057.315763075;dc_ver=82.239;dc_eid=40004001;sz=970x250;u_sd=1;nel=1;cid=0002910059;dc_adk=635667947;ord=cgzkre;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FarmXpm4sY40UUZaTPXn2AU7R6bB3tvy0t3ZcpdEO4AvV5GjbTsYkWGb8RP3yTdUTWbbP2benVqMnTTv8QqnZbSVQBRFIoRtYdUGn54UPqodIOXaPu4dMZdPsBG5mnIpWXrVHjfXFYj1Ufi0qyOSbJAUbJSTdM4orZbxPFJrXTQy5Ejl5anQoEjI1bb8WHfVmmfKpGMwoWMJ3TQi3Weo4AZbGnbvEYs7RYVM51Vjomq7P5UF2TFnZcWEqxunyXmRFXyAZaioHMpQAvIZccHaPu%2F;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwall.alphacoders.com%2Fby_sub_category.php%3Fid%3D289267%26name%3DShadow%2Bof%2Bthe%2BTomb%2BRaider%2B%25D0%259E%25D0%25B1%25D0%25BE%25D0%25B8%26lang%3DRussian$0;xdt=0;crlt=p)o(ELNi46;sttr=28;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 12:41:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame B459 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpRctBEkLVJVN0YEOFEl4mLYJyHWHCRYXpn6ShKMsxOMfVcWt-aLakPVzo_UVfML2VF9bC2oPC1BbFHp7sZb6Ze7GfnF428oZwv37G83nituzj3naF&sig=Cg0ArKJSzKvhld4jWAVkEAE&id=lidar2&mcvt=1000&p=415,315,669,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220112&bin=7&avms=nio&bs=1600,1200&mc=0.98&app=0&itpl=19&adk=3240736744&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642164073139&rpt=730&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1E5E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrwFvCPeAyg35X2dm5wx0v5MHzXTPB3jPY0Nh3NYJ7RkYfaX5G6Bh-i0mQp-K7JdyDEC-KVBN1LUqAB-26lYeEx7dzQPx7mHk&sig=Cg0ArKJSzCwnk0rg3wQdEAE&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=635667947&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642164073845&rpt=400&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwall.alphacoders.com%2F&domain=wall.alphacoders.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://wall.alphacoders.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://wall.alphacoders.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1417
date
Fri, 14 Jan 2022 12:41:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwall.alphacoders.com%2F&domain=wall.alphacoders.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=pwmL1HxFS2MzRXV5TlZhakdXcDA5cFBxVjdjVTliaFlxY1YrUFhOV3NWZkxob29TTjJoZHJEZjdkY2pQVnZuN0Y4ck1FY0NwTWJKR3kydjBxbXp6WnRUdElXSmJKNU93MmdYUmpCb3hsUndtN2t1Y0ZvWHU5NWZzS1d0bH...
432 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pwmL1HxFS2MzRXV5TlZhakdXcDA5cFBxVjdjVTliaFlxY1YrUFhOV3NWZkxob29TTjJoZHJEZjdkY2pQVnZuN0Y4ck1FY0NwTWJKR3kydjBxbXp6WnRUdElXSmJKNU93MmdYUmpCb3hsUndtN2t1Y0ZvWHU5NWZzS1d0bHpLbzlteVphZGlTZ2ZwTDBGMnRCOG5ONGpKTkNoWFNuNjYrOENuOVUxZzc3dFdZOS9TdXFnVWNDZGNVUVFNTkpaZ1BFUUVFTkpXOEFyZ3hIMmxUWHF3b3NiR1ZONmVzdFRhTlZpUCtjMDJWNGIxc0VIWUdLVUVOUnhHRHlBbnpKeE56QU9ydiszTUNUT3NtUUE4akNJZUJ5cC9LUkFXSFJ4WXNmcktPcHN3cWxsNFcyU0RpWT18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
4c12041d3eeeb3a0e3ca77ee4cda39485f85d1b8a84a8ac69837974c67374866
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:15 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3338
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Jan 2022 12:41:15 GMT
location
https://mug.criteo.com/sid?cpp=pwmL1HxFS2MzRXV5TlZhakdXcDA5cFBxVjdjVTliaFlxY1YrUFhOV3NWZkxob29TTjJoZHJEZjdkY2pQVnZuN0Y4ck1FY0NwTWJKR3kydjBxbXp6WnRUdElXSmJKNU93MmdYUmpCb3hsUndtN2t1Y0ZvWHU5NWZzS1d0bHpLbzlteVphZGlTZ2ZwTDBGMnRCOG5ONGpKTkNoWFNuNjYrOENuOVUxZzc3dFdZOS9TdXFnVWNDZGNVUVFNTkpaZ1BFUUVFTkpXOEFyZ3hIMmxUWHF3b3NiR1ZONmVzdFRhTlZpUCtjMDJWNGIxc0VIWUdLVUVOUnhHRHlBbnpKeE56QU9ydiszTUNUT3NtUUE4akNJZUJ5cC9LUkFXSFJ4WXNmcktPcHN3cWxsNFcyU0RpWT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://wall.alphacoders.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2799
content-length
567
expires
0
692.json
id5-sync.com/g/v2/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
930f6f24777c6f508a2b6f7bd0e161277486a21ab9b7f30c9bd4917e5845cec8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 14 Jan 2022 12:41:16 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://wall.alphacoders.com
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
rid
match.adsrvr.org/track/ 		109 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/456156/hb_309851_7594.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
32b120655277eabb77a899290208dde6a45334d2b45f1263dba3498c432fd9b3

Request headers

Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Jan 2022 12:41:15 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wall.alphacoders.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 13 Feb 2022 12:41:15 GMT
ad_choices_i_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame B459 		513 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_i_UR.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:15 GMT
cf-cache-status
HIT
age
6263
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
513
x-function
301
last-modified
Mon, 22 Mar 2021 08:13:56 GMT
server
cloudflare
etag
1616400836
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
6cd6f001ed27ca53-YUL
expires
Tue, 31 Dec 2030 00:00:00 GMT
ad_choices_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame B459 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_UR.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wall.alphacoders.com/by_sub_category.php?id=289267&name=Shadow+of+the+Tomb+Raider+%D0%9E%D0%B1%D0%BE%D0%B8&lang=Russian
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:41:15 GMT
cf-cache-status
HIT
age
3037
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1608
x-function
301
last-modified
Mon, 22 Mar 2021 08:13:56 GMT
server
cloudflare
etag
1616400836
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
6cd6f001ed29ca53-YUL
expires
Tue, 31 Dec 2030 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pwmL1HxFS2MzRXV5TlZhakdXcDA5cFBxVjdjVTliaFlxY1YrUFhOV3NWZkxob29TTjJoZHJEZjdkY2pQVnZuN0Y4ck1FY0NwTWJKR3kydjBxbXp6WnRUdElXSmJKNU93MmdYUmpCb3hsUndtN2t1Y0ZvWHU5NWZzS1d0bHpLbzlteVphZGlTZ2ZwTDBGMnRCOG5ONGpKTkNoWFNuNjYrOENuOVUxZzc3dFdZOS9TdXFnVWNDZGNVUVFNTkpaZ1BFUUVFTkpXOEFyZ3hIMmxUWHF3b3NiR1ZONmVzdFRhTlZpUCtjMDJWNGIxc0VIWUdLVUVOUnhHRHlBbnpKeE56QU9ydiszTUNUT3NtUUE4akNJZUJ5cC9LUkFXSFJ4WXNmcktPcHN3cWxsNFcyU0RpWT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1206
date
Fri, 14 Jan 2022 12:41:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rtb.adxpremium.services
URL
https://rtb.adxpremium.services/openrtb2/auction
Domain
rtb.adxpremium.services
URL
https://rtb.adxpremium.services/openrtb2/auction

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onsecuritypolicyviolation object| onslotchange object| googletag object| vmpbjs object| vpb object| mapping function| gtag object| dataLayer function| $ function| jQuery function| setCookie function| getCookie function| fixVideoAd function| showWebsites function| handleApiError function| render_sorting_form function| updateBoxCaption function| linkToProfile function| loadingNext function| mostlyVisible function| deleteElement object| ggeac object| google_js_reporting_queue object| google_tag_manager undefined| google_measure_js_timing function| vmpbjsChunk object| _pbjsGlobals string| nobidVersion object| nobid object| google_tag_data object| gaGlobal string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaplugins object| gaData object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| e9PageData object| goog_ddm_ps

55 Cookies

Domain/Path Name / Value
wall.alphacoders.com/ Name: wa_session
Value: 6a985h3mlecaopeg8enthtv5salie6musllbh95m7j1bsdrn1ors7iib0lsf0h0tirlnl1m3i0ro8rvpsqrq2lcqek7kh509h1t1vb3
.alphacoders.com/ Name: _ga_HL65XQTV30
Value: GS1.1.1642164070.1.0.1642164070.0
.alphacoders.com/ Name: _ga
Value: GA1.2.1566614475.1642164070
.alphacoders.com/ Name: _gid
Value: GA1.2.184160088.1642164071
.alphacoders.com/ Name: _gat_gtag_UA_281956_21
Value: 1
.hb.selectmedia.asia/ Name: vmuid
Value: c82739718dcedb13
wall.alphacoders.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.alphacoders.com/ Name: _pubcid
Value: 5a473504-07bb-4346-a927-ecc7c6db181c
.openx.net/ Name: i
Value: 5a473504-07bb-4346-a927-ecc7c6db181c|1642164070
prebid.a-mo.net/ Name: __amc
Value: 1_1642164070_1642164070
.a-mo.net/ Name: amuid2
Value: 047b5163-90d7-4756-b3db-0e3541c1dcea
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: de16a806-232a-530e-8eff-99c2ef1ef6a4
.betweendigital.com/ Name: ut
Value: YeFvZgANRnCGu0Uk7QQV-SiqNdBjM5CbL_0jTw==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: 2b6f9be1e9d7f76d9c5d119c
.yahoo.com/ Name: A3
Value: d=AQABBGZv4WECEA363LZ4K7__HZx-p9Bc63IFEgEBAQHA4mHrYQAAAAAA_eMAAA&S=AQAAAi6q7VrbQWcPhH5v1tN9G_Y
.adtelligent.com/ Name: vmuid
Value: af36c04a184a6a7c
.adnxs.com/ Name: icu
Value: ChgI4axaEAoYASABKAEw596FjwY4AUABSAEQ596FjwYYAA..
.adnxs.com/ Name: uuid2
Value: 5313534240751669262
.rubiconproject.com/ Name: rsid
Value: 1|AsOwY0YD/NGDdiiv4cs9DA3hi90NfvHF0Bo+SpLxVVZ2/pSVYm6PRMWYCqaOieGkTxzCtT3GWjvGeUmnD2WgFA74oVwAuQdeukQVJpiMCxkjzG3GXfABU6uTSg==
.rubiconproject.com/ Name: khaos
Value: KYEE36OG-24-3MAL
.rubiconproject.com/ Name: audit
Value: 1|vAET2ryzqEGVVcfjS3CA6u1WuCoMxA8a+JUixCbOKdrbqElguRJooCBXqv1mn5UhxYnMs6iDDZws2QKDDbDUGcBQn6AvuCLFQXFQM5ICNxAdOKW1qRBjyg==
.hybrid.ai/ Name: vid
Value: a9510182358aa5d69146
.adtelligent.com/ Name: a324902
Value: a9510182358aa5d69146
.alphacoders.com/ Name: __gads
Value: ID=ea2bbc800d771986-22bc3add17cf0033:T=1642164072:S=ALNI_MbOCwPkLGkcSK5HqbJHNNlYc0fN1w
.doubleclick.net/ Name: IDE
Value: AHWqTUkI0iH57HsU4gPf-6qhNH4uz8T1J6MZc9jYmHy-34poDsjGdMPn47L2vBBxios
.criteo.com/ Name: uid
Value: 840baad4-4868-43c5-b125-91e73e60e7bb
wall.alphacoders.com/ Name: hbmp_cap_h
Value: eyJpeCI6MX0=
wall.alphacoders.com/ Name: hbmp_cap_d
Value: eyJpeCI6MX0=
.lkqd.net/ Name: lkqdid
Value: mj4Vt5hrUeI
.lkqd.net/ Name: lkqdidts
Value: 1642164073
.lkqd.net/ Name: sr59
Value: 1|CAESEHyCvwRrwDKQYZfot1twOJ8|1642164073
.casalemedia.com/ Name: CMPS
Value: 469
.casalemedia.com/ Name: CMID
Value: YeFvaV4TKkZCtr9DqiYr3QAA
.casalemedia.com/ Name: CMPRO
Value: 465
.alphacoders.com/ Name: cto_bundle
Value: VWuU5F9YZXp1YSUyRjJBS1ljNVY0OFZNWHFLVkMybm1YN3VaRTI4T0EzZ2Y0ZjRadHIxc0RaRFA3M1F1bUlDdHNSNXA4bjV6emxlSUl6NlAlMkJqbDl3MFFWc2JwcVprc1ZPREZsTWhrdFpnRGV4bVhDT0lGTkY3cG9FSE1LeVdqN0Q4NjFKUTNCQzFuU2JHN3YlMkZ4NE94OTNXcmhabnclM0QlM0Q
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 089EF038-E12B-4E9D-A8A5-824724A54C8C
.advertising.com/ Name: APID
Value: UP4285f951-7537-11ec-b336-0e8af3d3cab3
.casalemedia.com/ Name: CMRUM3
Value: 8361e16f6a276018072662314459756810&2d61e16f692760CAESEPPWcEuZVPfAxfNfs-SpA4Q
.casalemedia.com/ Name: CMST
Value: YeFvaWHhb2oA
.pubmatic.com/ Name: KRTBCOOKIE_1051
Value: 22884-18072662314459756810
.pubmatic.com/ Name: PugT
Value: 1642144909
.pubmatic.com/ Name: PUBMDCID
Value: 2
.analytics.yahoo.com/ Name: IDSYNC
Value: 18gs~22no
.yahoo.com/ Name: APID
Value: UP4285f951-7537-11ec-b336-0e8af3d3cab3
.yahoo.com/ Name: APIDTS
Value: 1642164074
.krxd.net/ Name: _kuid_
Value: OmeMJ4At
.demdex.net/ Name: demdex
Value: 64476358923126224793280621740210638359
.dmxleo.com/ Name: dmxId
Value: 23E2AC7D826CE7500OBTKBMRBDVONHDXK
.dpm.demdex.net/ Name: dpm
Value: 64476358923126224793280621740210638359
.tribalfusion.com/ Name: ANON_ID
Value: aQnQouo0P88CmTN83uFIprChJknLmeGfpOSHBdVRXVZdSOFneW8msmNy9BZcHHPI4gEvXVGlWXZbT4wvCd1HZbJso0TqlVN8tMDTIP3N4jwLZbriQPa4FiAOGoOkVELG7JH9IZaXr0FrXQpH1N4Trte3vimZcrTwEMAYagym3f2FP7VVAUGVgYmDEHaJoIbfZaCaiFJKWf5Y

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

56b5711e5947ef5479db5741c8df1ff7.safeframe.googlesyndication.com
a.tribalfusion.com
a475.casalemedia.com
acdn.adnxs.com
ad.doubleclick.net
ads.betweendigital.com
adservice.google.com
adtelligent-d.openx.net
ap.lijit.com
beacon.krxd.net
bidder.criteo.com
c2shb.ssp.yahoo.com
cdn.jsdelivr.net
cdnx.tribalfusion.com
cm.g.doubleclick.net
cs.lkqd.net
dm.hybrid.ai
dpm.demdex.net
dsum-sec.casalemedia.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb.hb.selectmedia.asia
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.alphacoders.com
images2.alphacoders.com
images4.alphacoders.com
images5.alphacoders.com
images6.alphacoders.com
images8.alphacoders.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
p.deliveryapis.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel.advertising.com
player.adtelligent.com
player.hb.selectmedia.asia
prebid-eu.creativecdn.com
prebid-us.creativecdn.com
prebid.a-mo.net
public-prod-dspcookiematching.dmxleo.com
rtb.adxpremium.services
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssc.33across.com
static.alphacoders.com
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
t.trafmag.com
tags.bluekai.com
tags.expo9.exponential.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
wall.alphacoders.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
rtb.adxpremium.services
104.36.115.111
104.36.115.113
141.95.3.10
142.250.65.162
142.250.80.2
142.251.32.102
142.251.40.162
144.217.71.114
146.20.128.157
147.75.61.140
15.197.193.217
151.101.193.108
172.98.26.126
173.223.237.164
185.184.10.30
185.184.8.65
193.200.65.5
23.209.184.224
23.227.139.243
23.92.190.74
2602:803:c001::200:144
2606:4700:10::6814:fc2
2606:4700:10::ac43:324
2606:4700::6810:5614
2606:4700::6812:517
2606:4700::6812:c05
2607:f8b0:4006:806::2002
2607:f8b0:4006:809::200a
2607:f8b0:4006:80a::2006
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80f::2008
2607:f8b0:4006:816::2002
2607:f8b0:4006:820::2001
2607:f8b0:4006:820::200e
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2003
2607:f8b0:4006:824::2004
2607:f8b0:4023:1404::9c
2620:100:a001::4
2a02:2638:1::13
2a06:8640:454::2
2a06:8640:799:0:ec4:7aff:fe6e:a48e
3.218.90.66
3.230.217.116
34.149.20.76
34.236.165.73
34.98.64.218
35.190.126.92
35.244.159.8
37.18.16.22
44.194.147.181
45.133.44.3
45.133.44.4
51.222.39.185
52.27.192.111
68.67.160.137
68.67.161.207
69.192.109.125
74.119.119.129
74.119.119.139
75.119.185.147
8.28.7.83
96.46.186.57
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
032e6bde6bb40a45cc3b37521a431baf04266f10e902dcff903b8a678db7675d
03ac1f39308ee6b9fdc1612192a2958ecccff14b8b14086c70d6fc6834f01199
0b875e9ccc10752769130c13cda92d5d683e52d85af1debb657e9793c9318c4d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0fda4f60eb66bb7a5162367aec31f6c0d56ede57a784c985e68bc58a11e5d8c9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1506581a322ad385916ec79c63401dce523a3d4c5e1a7440b96f976a06aaa62f
162a6b3bdfbd0f251e65e340c383b01c333ab0c1e5c1688e93afc965abbeab5f
17d4243e7b024dd5f58bf115e4b73cba3a2c6d26e95f9654c19690d9523026b1
1a43eae79660672e4a1fbaaf2bd7d823b8f86e6d215686668063325cda16fc45
1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f
217d1b91669dd4a21ce0cff140d526b43a3ac1ea5caa5578d5372fde00dadf1d
22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230
235845fba5a425cf4b3083cda28810069f328e11cd71e33b02a9b0e59e2c5976
237574c1e0ec7cf1ebbf22f92204a6611bd42ddbb9ac3d8b986deac694244b5c
26f91b5ac07a14c5e973fac6c1a8dc4cda4a7f305f18c013274e8d621e117fce
27c21a8ade1093c7a16ea7ed061a48de84ddf7e9c3e0f31de21a36dffd50fe2e
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2c62218dc4c9ed3181be7ec2f7c8ece3e5f686fbc2074ec24525529d510a523d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30718b4ce10a9ba6c7f2a1727a7c5164d8b97c998edf3cff19380c3e465cc525
32a0e84c5f8846e4bca9b38e9b05609ac5b1afaeff9344064d172e0e584ee834
32b120655277eabb77a899290208dde6a45334d2b45f1263dba3498c432fd9b3
32f2b21bb95da903dbeeaf23f2faf4696a66b61165221deeed62b69e47f97b95
34ba0b3b32af297d2103c76061e78efadf5a08daf4685be3979a470464b7f5ff
36221de882f3c805484c4ae4ade170f5ff78bee4ab424c97afd89904850f5ddb
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38690ddac718aa545df4ed2d21217f0d1f533c4ed17a84d0043b555a8e41ffbc
3ff6378bc3717694e848610ef22d130292b382ff46b295598d9e14bbc72ca8aa
4069942a3715ffb0e102dacffc0a828c5e124814c7a92384d243a7801cbe9c69
4379d396f85d7bee7f6681236ff6d976b8df37ebbf2d5bd4ec7244e7eb3eb3e5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46f155dd64b2bebe72c36880c6b9aecb87c36212fd83fcc61c565a47d77c3a1a
48c6607a623bfae7b06f7b091e7749516a95944fd9d8252a339901aa82d98ef0
494e9d9eaba7ccfee2a79037607169c14fb897914213c480acd1b120a29aca37
4c12041d3eeeb3a0e3ca77ee4cda39485f85d1b8a84a8ac69837974c67374866
4ccab3eb7be13c5f2844e83fa9bf2a7168d16643951cee7f774909cd9d81c3b1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57017f76fc8c8ee794842ddfd3931d3844a46b81d24503edd8bf21296dc9f96d
5b50363b5cf49656e8e8d78aa22f8cc49a52b377150f88915197668256a93ecd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63f89fea60bbfdd65baaf8b1d1ccb9779cf18b3dff20a26ebc83680d2a27cc38
6545d40233b59548a662210b9008e6d844d8ab8bbd93dc01aaaa3c7f4d56cf4d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
667a7f1a3c8a37221bb65226355ca106201b452ab6e32a67f1c07aa5ee258223
690f510aa7992bd3d1621db29b97c1273de2b676736712eda387c7fea75cf385
697e8ccc1586d0b981a08ff820403c24ed2f1fa83862fdea36b7e834cd7a2dc2
69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70d1249dd65ef49fd2803818fc81ed23f11f9f205b252641ba7ac6f00a7f24c0
723cf7d7de0985ea656da99fb8a267a91cb72636e6b070a718680b329406514f
73448e08e8e7f6e8f9abc67b4309ba87c1d7e40150bddcdb38f0072bb89a0188
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
7a5df94e1ccbbef8e63969742fa5cfeee8bbcd820a4f270a1b051425fab9baf0
7e94c765920278a55ca16a0bb9f68b4270424b97b91e1dc0871d25c82b1c41d5
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
84af7cef078a8aec5cb3a415b9ec9e6af9451e7b39f7e2b61f99bc6cd5b5e72c
8610d65ed12e7e4eed8c12ca27d3f04859968567a0e2a99a80ecd4d37c26c846
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8784fe39f172830511bb8fc1e5a144f426f24c5b2dd9a6a8eb8b32c0810d71ee
87bfaf112a11ed2c4bafe9a36ecc945dcc14f88f8742ec5e18cd125c0572a739
87f0a47edd31591379b61cd2dbd8b1814e23c90f7d8b10fa0ab30735a01db846
8dd181375189e99e1781d805ce331f361275384a056425f855c2df7cfff71b39
903216b8bc379bba8176939da20d0a59a2031a0b2cce91e717cf180d09204f2f
90bdd23965b9f7b74e68ae920a3e667d946a0588824e59efd15233e9a9c2fde8
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90e9b37e995d98b6c43d8b384c943a653e81ee7c99d551132d36989ea923dfd6
91ae80f6f7052ffca5f547838af6d98e13939d6858f8a57c2ace77499697fd62
922e306a6fe0ede719a7fc79f287dfabf6cd9234583d778ec544a88eed908db2
927637f4532b737758acc88542c4b4e7b53391897e77a1fc4704fe4543e42983
930f6f24777c6f508a2b6f7bd0e161277486a21ab9b7f30c9bd4917e5845cec8
94b9235eb14dfcb7d43a070ae4bd4fc8ccd6a82278491cb96f05e22de2c20455
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
9713885add2a6af282cefed2ef87cd372ea798791aff8a17e8aa206b5d0a72ea
9c824a2df13f459cdb64f728e3ff63aea3cc0f370769cfc254700012f4d98afa
9f37866ff681b5938b52b9848d04a603727e84e64aa395adadc4ce65569641b7
a04193cb4ce2a579535a7d07a64bb9772cc5ff896b6de494b06e386b8219c2d5
a04b59a04eb1cd8d6c291a226865a5b49d9279adcf8483629fe31b3cbdd402a1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06b2069a29e8ec11194fafb2d80577880568e27d910e6eaa67e712a90fbb9bc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2ea64b334aaa65f062d5abc47ecc1580422ba79325108b70aa76a1cbb75df47
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a860237fd3ee3aaa8dd6376d9135ecf9961f884a42b5c3ac138f10afb4d6dc8a
aa3e87dbff2db383f7e72a575e72aeb99b34e2b7e1593e2cae58c9a268298579
af059126fd18022f9325df970fe7bc24000454a78f242df8687dcc5c019495c8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4ab5786e88f3d01f800c164dd97a248c6ac48952f103ad0c86aa02cc3a652f7
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
b97b2a243716415e0729526a1b9c200df867522b982144085c0b465157453f1d
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
bc48df38da01e03d6bab82a753b6d5712e1c660e4e563f09b2433b1313ae6872
bdb86a90b4fc73a590adb2e3c5cac4c0b535962dcf0f4517d6371760dc6aeb89
bdf7870968e2a6bd2f1c8f0d55802edd2ebec630a86730ba6663b29d55d42712
c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee
c14b10dbb39d51396ce90c5df0e9702d88250bffefd51c19d5f6291fabfc5609
c353712a178e437586586c7df4df1f72a6a4326e86253f70c8865b241b8a507a
c4d0507a0dd2bbdb072e29b6c007111b7a69e116c26a64449fed9e84b2df3b6e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd3fcab1cffe6f9960dde9a947be1488fa74ef2988f2f22eb71726bbcea5c8e8
cdeeaca456001a6797d1256ce2e3be59f8229174301f475c1e0b9a88b7fcb1ae
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714
d4cb1b5d7d34ca5bbf63dce8094b477a55b96ce64dc47dced76d181976ba248a
d4db67c448ca641e0140052139a0453a31be0d1163421e50ab602cd6d9ae112a
d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a
dbe96e049095eb1f4ac1aeb54b92c03f71d9aa8a0d3643ef35191302a7864f9a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e11bb6fd697b8be4d7508b6c396f7ef3277205c359ccf9eff56f744a2d4e9e26
e1982f3ce9bee4ad60f0a90a19efd3e04f8a9be9b1ca85079186a9a01dacca1b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b6a593bd76ebe30cb1a0821c0680337539c150b7c8ed68b043e7477feddbc4
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
ea7cd8ffc2ebe6b49177b383b20d5beba8cd6cb45aa46cd6d655d658de445e2b
ec2d889e42ca874373ee700e0aa44b904ddd761029dadd80ed6e8dbf3d601241
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b48d53619eb041b8dcfe858927602fd4df76501a5077b458094a66ab4494df
f5bb6806f900dfe1a9487808c92dffd66490da46cab99afd2c3b005086ce9a50
f60f4f432b29e8e7b604ece0d42301f619383f6455f0362ada907edba35d0b03
f9b2b67d3e8f58214d971f90562197da9652e5fe4c4a3c314390afa600805d8f
fe83916fcd7d4c761fdba30973be64a77f54e78daa4a5b1b537f60cc9ef2e8df