pad-brumal.com Open in urlscan Pro
172.67.190.68  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://offer24t.ru/ Page URL
2. https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&is_visitor=1 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response offer24t.ru/	189 B 340 B	500ms 113ms	Document text/html	2a03:6f00:1::5c35:60df TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://offer24t.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:1::5c35:60df , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash 1f3a74b0a106da05e1131763ae6c31a48c6eca45064955a96caf2fa4e7e94819 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 189 content-type text/html; charset=utf-8 date Sat, 27 Jul 2024 09:00:40 GMT etag "bd-61dd374c9dd4f" last-modified Mon, 22 Jul 2024 10:24:54 GMT server nginx/1.24.0
GET H3	200	Primary Request new Show response pad-brumal.com/preview/	5 KB 3 KB	277ms 218ms	Document text/html	172.67.190.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&is_visitor=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 410b78a79343da0227a2c2c6dcdf9eb2395a682332ab365d47224e3c6964a89e Request headers Referer https://offer24t.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With access-control-allow-methods GET,POST,PUT,DELETE,OPTIONS access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8a9b70c0cc764d8a-FRA content-encoding br content-type text/html; charset=utf-8 date Sat, 27 Jul 2024 09:00:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9VF3CxYL1ar3YaNeQa8b3NG1Pu8ytCPQSk8y3yzclT4%2FT56%2F124waJK86forWEluEindjMGAU%2Fo%2BMQLrr68TYjuMreTjNyKCOusbOJHk%2F%2F0StVk8cLQ1Qy2d09clbdEmuQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x_domain pad-brumal.com x_theme outofwindow3-without-dmp2.desktop
GET H2	404	favicon.ico offer24t.ru/	196 B 278 B	71ms 71ms	Other text/html	2a03:6f00:1::5c35:60df TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://offer24t.ru/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:1::5c35:60df , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash Request headers Referer https://offer24t.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:40 GMT server nginx/1.24.0 content-length 196 content-type text/html; charset=iso-8859-1
GET H3	200	grid.min.css pad-brumal.com/static/outofwindow3-without-dmp2.desktop/css/	51 KB 7 KB	200ms 199ms	Stylesheet text/css	172.67.190.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pad-brumal.com/static/outofwindow3-without-dmp2.desktop/css/grid.min.css Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&is_visitor=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21226ae8892fd9920a89d1c1b2a1f17a93b600e6d88d7427a878fdd964340e8d Request headers Referer https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&is_visitor=1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:40 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 24 Jul 2024 13:00:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66a0faff-ca40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dS6Yug%2BqffNC9xORPnoMBMY1o2y1MdmvlnbLjBzAyN61l9OYvcT4wYITbmrzWpjoNAmWx8Dvy8xKVBvxBPLuE4Wmop4qiG8X%2F9OQPglz6A3npXzJytabSug8BsamRfxHeQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 8a9b70c22e914d8a-FRA alt-svc h3=":443"; ma=86400
GET H3	200	app.9ef6b4b3.js Show response pad-brumal.com/static/outofwindow3-without-dmp2.desktop/js/	61 KB 10 KB	64ms 62ms	Script application/javascript	172.67.190.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pad-brumal.com/static/outofwindow3-without-dmp2.desktop/js/app.9ef6b4b3.js Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&is_visitor=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 999d149f5bc8f8fd832af063386f6b6527c339218d1739e53e288a30fbe513bc Request headers Referer https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&is_visitor=1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:40 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 24 Jul 2024 13:00:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66a0faff-f4e5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bQwtedXsKxWd4NhaeZFEgtV46gteaCxKUSQ29FYXsT6jpE3KzCoqNhfg4Ylo%2BqgnZG1P1XRy87E%2BC3dfFMOdX12yszMLPYeMHgeAZ%2BuLFIMGZiJ4iJ6Xz%2FoOvPxmUrTZWw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 8a9b70c22e964d8a-FRA alt-svc h3=":443"; ma=86400
GET H3	200	chunk-vendors.e4bc14d4.js Show response pad-brumal.com/static/outofwindow3-without-dmp2.desktop/js/	281 KB 95 KB	236ms 234ms	Script application/javascript	172.67.190.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pad-brumal.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.e4bc14d4.js Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&is_visitor=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e92782bdc06a7b6372bf70025871163e9e4a73e8e341bac5bee8163748a98bb Request headers Referer https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&is_visitor=1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:40 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 24 Jul 2024 13:00:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66a0faff-46244" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6qx4CvXYECEOhzb8ZoMahnpRYhyAPbILsj8p6q%2B9J5ThOEzDnznUZFGkI6Sayk6MDm5DNbujGsgHk%2BhYhVDkngN0m1N4RZ0NHresexEZOimVvW%2BSGjDQrznbAY%2Bi76Hyfw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 8a9b70c22e974d8a-FRA alt-svc h3=":443"; ma=86400
GET H3	200	style.min.css pad-brumal.com/static/outofwindow3-without-dmp2.desktop/css/	10 KB 3 KB	186ms 185ms	Stylesheet text/css	172.67.190.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pad-brumal.com/static/outofwindow3-without-dmp2.desktop/css/style.min.css Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&is_visitor=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08fa696a857ae2754dc2709051f77b2e39e50df593dc3a6219fa9a77061976d7 Request headers Referer https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&is_visitor=1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:40 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 24 Jul 2024 13:00:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66a0faff-2868" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GCzX3BHfSXfu6mSv4djogTspTkiWkdk210QibEduxuCbgk7laQPrwTDs4pSXyi2Ff%2BiqKttzOFW%2FrA6NQ6XONIYeCU1g%2Bb5ennSRCxSdwMuWG1Gj889JdGm%2B0eyUD1lcMg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 8a9b70c22e984d8a-FRA alt-svc h3=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	69ms 24ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic Requested by Host: pad-brumal.com URL: https://pad-brumal.com/static/outofwindow3-without-dmp2.desktop/css/style.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pad-brumal.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 27 Jul 2024 09:00:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 27 Jul 2024 07:14:21 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 27 Jul 2024 09:00:40 GMT
GET H3	200	arrow-right-circle.png pad-brumal.com/static/outofwindow3-without-dmp2.desktop/img/	676 B 1 KB	83ms 82ms	Image image/png	172.67.190.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pad-brumal.com/static/outofwindow3-without-dmp2.desktop/img/arrow-right-circle.png Requested by Host: pad-brumal.com URL: https://pad-brumal.com/static/outofwindow3-without-dmp2.desktop/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f44cbdd6870924cf39f27ff12eb903a0ca9208e4817a9433d983bb23e6edc072 Request headers Referer https://pad-brumal.com/static/outofwindow3-without-dmp2.desktop/css/style.min.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT cf-cache-status DYNAMIC last-modified Wed, 24 Jul 2024 13:00:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "66a0faff-2a4" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lnbUFiWOrc7z%2FGFq7TsSeExmBB9zlwgy1jDEYDl4J%2B5NfG4cl4%2FzdYkhhv3WIORzRSmsCdoqmzZmEm7ct0HhfwfLKOVAVmaWS5gFVrQHlNT7%2FBieJLU%2BBKBF9NCbHfVNmQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 8a9b70c449614d8a-FRA alt-svc h3=":443"; ma=86400 content-length 676
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	95ms 43ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 03:10:49 GMT x-content-type-options nosniff age 20992 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 27 Jul 2025 03:10:49 GMT
GET DATA	200 OK	truncated /	70 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 76975ba315befd03dd68246f65598f13854cda92700123dd8a0635fd3baf2b65 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	86ms 46ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:43:18 GMT x-content-type-options nosniff age 325043 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 14:43:18 GMT
GET H2	200	45e49f4106a03e252cc9665e791faa6b5f9f6063.js Show response wdhhsxghbr.com/1/	28 KB 8 KB	569ms 27ms	Script application/javascript	116.202.32.31 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://wdhhsxghbr.com/1/45e49f4106a03e252cc9665e791faa6b5f9f6063.js Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&is_visitor=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 116.202.32.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.31.32.202.116.clients.your-server.de Software nginx/1.18.0 / Resource Hash c48c9ec3815747491721483525af7eea2741ed84700a9b43060c36543e04b190 Request headers Referer https://pad-brumal.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT content-encoding gzip last-modified Mon, 15 Jul 2024 15:32:32 GMT server nginx/1.18.0 etag W/"66954110-6e1d" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * access-control-expose-headers * cache-control max-age=315360000 access-control-allow-headers * expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	get-n-item Show response pad-brumal.com/api/	2 KB 2 KB	85ms 85ms	XHR application/json	172.67.190.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pad-brumal.com/api/get-n-item?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=%5BSID%5D&utm_medium=11409&is_visitor=1&language=DE&blang=de-DE&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4&hash=b5b46be0-edfc-44b0-9621-9596d1438e39&project=5 Requested by Host: pad-brumal.com URL: https://pad-brumal.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.e4bc14d4.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e71549f401944f52c49ddf711feaf7c17ba20d92a7df4441b78ebe73a3324362 Request headers Accept application/json, text/plain, */* Referer https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fxf9wdem4menMyswTzaj3F%2BaqBfmKlM6xsnnslcrJmEYCPd92NBqE0q0bZ2zgpqZVZpiU%2BkWM5DC%2BPe15CS49o1jDq5IQtDLYUpY8fUrVqKEh7dDuYw%2FwARhEn83Zn98Sw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8a9b70c499f94d8a-FRA access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	image.gif mixer-antanaclasis.com/	43 B 1 KB	231ms 80ms	Image image/gif	92.38.192.253 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mixer-antanaclasis.com/image.gif?sid9=preview&utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&client_id=news-195d36c0-2169-4390-a323-db2484299fc4&cost=0&ip=&DEBUG=&category=0&resolution_width=1600&resolution_height=1200&connection_speed=4g,10&domain=pad-brumal.com&is_visitor=1 Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.38.192.253 Reutov, Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx/1.17.4 / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://pad-brumal.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Pragma no-cache Date Sat, 27 Jul 2024 09:00:41 GMT Last-Modified Sat, 27 Jul 2024 09:00:41 GMT Server nginx/1.17.4 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type image/gif Access-Control-Allow-Origin https://pad-brumal.com Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie Content-Length 43 Expires Wed, 11 Nov 1998 11:11:11 GMT
GET H3	200	get-items Show response pad-brumal.com/api/	30 KB 7 KB	186ms 185ms	XHR application/json	172.67.190.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pad-brumal.com/api/get-items?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=%5BSID%5D&utm_medium=11409&is_visitor=1&language=DE&blang=de-DE&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4&hash=b5b46be0-edfc-44b0-9621-9596d1438e39&project=5&boost=1&is_clear=0&count=10&offset=0&r=0.4549840660440805&theme=outofwindow3-without-dmp2&is_video=0&resolution_width=1600&resolution_height=1200&connection_speed=4g%2C10&article=b5b46be0-edfc-44b0-9621-9596d1438e39 Requested by Host: pad-brumal.com URL: https://pad-brumal.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.e4bc14d4.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b99f8a86af0ee5d9013c0b74a58a463f7c9ecb7028ffe4839571f8c0d21a4e48 Request headers Accept application/json, text/plain, */* Referer https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K7%2FOLpohYTeL4yrIKdx4QV5S57Qz3bBQXOXBXaJslvghrhd2iOtGbNa897OcFqDnkZ4WvxbqaZdJeF%2B0STflhujwukounBFKEwn%2FyjmvF0CMAppy%2FkKCNu6Xtr1xrbwBvw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8a9b70c53b194d8a-FRA access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With alt-svc h3=":443"; ma=86400
GET H3	200	b801f0d62d40991992ed1e698716c993.jpg pad-brumal.com/images/news/rectangular/	38 KB 39 KB	139ms 139ms	Image image/jpeg	172.67.190.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pad-brumal.com/images/news/rectangular/b801f0d62d40991992ed1e698716c993.jpg Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d26f360f99faa094e2bc1c601f46063bd24ff343dc2ab2bb7bb4ceef14fc005 Request headers Referer https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 39273 last-modified Thu, 09 Jul 2020 14:34:19 GMT server cloudflare etag "5f072aeb-9969" access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tPbRzRgCY9lBO83%2FsE%2BIbJFOtJU6PLE7Ft%2FpROsLxBIsWa1HWgcRgzbW5mc%2F4X4h81CZ3b15mqXA67Y10GXHXG2lTxFuL3VyTanq9RoDsJXCJ7ltFh2VrDfWAqM0JMCGBg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers * cache-control max-age=315360000 accept-ranges bytes cf-ray 8a9b70c53b1e4d8a-FRA access-control-allow-headers * expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	62ms 61ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 12:29:10 GMT x-content-type-options nosniff age 333091 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 12:29:10 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	10 KB 10 KB	60ms 59ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:52:55 GMT x-content-type-options nosniff age 324466 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9840 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 14:52:55 GMT
GET H2	200	d5697bd3-b6d6-449a-8c56-ad4e4d1034d8.jpg yeheuwrfh3.com/images/d5/69/	44 KB 44 KB	317ms 142ms	Image image/jpeg	95.163.155.38 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yeheuwrfh3.com/images/d5/69/d5697bd3-b6d6-449a-8c56-ad4e4d1034d8.jpg Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.163.155.38 , Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash 6620a48adc329ca7f905787c3a14ef6da121b23280b4a9e1943ebcaf76db2be3 Request headers Referer https://pad-brumal.com/ Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT last-modified Thu, 25 Jul 2024 13:18:05 GMT server nginx/1.18.0 etag "66a2508d-afed" access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * access-control-expose-headers * cache-control max-age=315360000 accept-ranges bytes access-control-allow-headers * content-length 45037 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0981c83c-ce8d-4016-90cd-780f372f2020.jpg yeheuwrfh3.com/images/09/81/	57 KB 57 KB	315ms 141ms	Image image/jpeg	95.163.155.38 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yeheuwrfh3.com/images/09/81/0981c83c-ce8d-4016-90cd-780f372f2020.jpg Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.163.155.38 , Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash 3e438bbfa87b815091dded60ea6795ab5f94697ca39b2b5f2a09baedb923e9d7 Request headers Referer https://pad-brumal.com/ Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT last-modified Thu, 02 May 2024 10:51:45 GMT server nginx/1.18.0 etag "66337041-e4a2" access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * access-control-expose-headers * cache-control max-age=315360000 accept-ranges bytes access-control-allow-headers * content-length 58530 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	e4794750-015d-4526-a01e-d0effa26e49b.jpg yeheuwrfh3.com/images/e4/79/	56 KB 57 KB	317ms 143ms	Image image/jpeg	95.163.155.38 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yeheuwrfh3.com/images/e4/79/e4794750-015d-4526-a01e-d0effa26e49b.jpg Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.163.155.38 , Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash 5ace599a6f33964ff5fda31e091664db616492b6c1215a08871443ab646d9748 Request headers Referer https://pad-brumal.com/ Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT last-modified Mon, 19 Feb 2024 12:07:27 GMT server nginx/1.18.0 etag "65d3447f-e0d1" access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * access-control-expose-headers * cache-control max-age=315360000 accept-ranges bytes access-control-allow-headers * content-length 57553 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	caa3445e-c289-46c4-ab17-9938880c8bc7.jpg yeheuwrfh3.com/images/ca/a3/	19 KB 19 KB	316ms 143ms	Image image/jpeg	95.163.155.38 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yeheuwrfh3.com/images/ca/a3/caa3445e-c289-46c4-ab17-9938880c8bc7.jpg Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.163.155.38 , Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash 61314a6442fbd3c56396d13d6c9540f0d7a290655973208a795030da07856615 Request headers Referer https://pad-brumal.com/ Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT last-modified Thu, 28 Mar 2024 14:18:24 GMT server nginx/1.18.0 etag "66057c30-4ad1" access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * access-control-expose-headers * cache-control max-age=315360000 accept-ranges bytes access-control-allow-headers * content-length 19153 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	268a1c7b-6589-46b1-86df-04cc1862d50e.jpg yeheuwrfh3.com/images/26/8a/	17 KB 17 KB	316ms 142ms	Image image/jpeg	95.163.155.38 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yeheuwrfh3.com/images/26/8a/268a1c7b-6589-46b1-86df-04cc1862d50e.jpg Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.163.155.38 , Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash a26aac8d86d9b2d48985c9626cd869097159b629f64bcf51eab74aefd02c8fb8 Request headers Referer https://pad-brumal.com/ Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT last-modified Sat, 27 Apr 2024 11:27:22 GMT server nginx/1.18.0 etag "662ce11a-424e" access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * access-control-expose-headers * cache-control max-age=315360000 accept-ranges bytes access-control-allow-headers * content-length 16974 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	97c8029c-e8e5-4764-aa24-caad38263858.jpg yeheuwrfh3.com/images/97/c8/	16 KB 16 KB	315ms 142ms	Image image/jpeg	95.163.155.38 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yeheuwrfh3.com/images/97/c8/97c8029c-e8e5-4764-aa24-caad38263858.jpg Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.163.155.38 , Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash 5348690ef610ebb4da64cb60a93db6de9037063ef9707415420ca0716cb690d9 Request headers Referer https://pad-brumal.com/ Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT last-modified Tue, 28 Nov 2023 12:50:32 GMT server nginx/1.18.0 etag "6565e218-3f55" access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * access-control-expose-headers * cache-control max-age=315360000 accept-ranges bytes access-control-allow-headers * content-length 16213 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	ff6005a0-86d0-49c1-9bd8-b86cbf607545.jpg yeheuwrfh3.com/images/ff/60/	29 KB 29 KB	272ms 103ms	Image image/jpeg	95.163.155.38 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yeheuwrfh3.com/images/ff/60/ff6005a0-86d0-49c1-9bd8-b86cbf607545.jpg Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.163.155.38 , Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash 1e358dd0b318f849fbf75f307b86b113e560106f1b732f8f4403ff9930f17ec2 Request headers Referer https://pad-brumal.com/ Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT last-modified Mon, 16 Oct 2023 13:36:16 GMT server nginx/1.18.0 etag "652d3c50-72a1" access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * access-control-expose-headers * cache-control max-age=315360000 accept-ranges bytes access-control-allow-headers * content-length 29345 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	862823d4-11a1-4f70-8585-0883291f51ec.jpg yeheuwrfh3.com/images/86/28/	29 KB 29 KB	247ms 78ms	Image image/jpeg	95.163.155.38 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yeheuwrfh3.com/images/86/28/862823d4-11a1-4f70-8585-0883291f51ec.jpg Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.163.155.38 , Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash dc884e1f240c53d41695db868964b037414afc9a7f346b3e4782dd31e57ddd7d Request headers Referer https://pad-brumal.com/ Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT last-modified Mon, 27 May 2024 12:58:06 GMT server nginx/1.18.0 etag "6654835e-7321" access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * access-control-expose-headers * cache-control max-age=315360000 accept-ranges bytes access-control-allow-headers * content-length 29473 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0124bcd3-bc38-49d6-8524-89b574cfe4d9.jpg yeheuwrfh3.com/images/01/24/	15 KB 15 KB	130ms 129ms	Image image/jpeg	95.163.155.38 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yeheuwrfh3.com/images/01/24/0124bcd3-bc38-49d6-8524-89b574cfe4d9.jpg Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.163.155.38 , Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash 07169da9705d3db63debc5c34540e232dad37a0eac665a60fa0d5e02378af50c Request headers Referer https://pad-brumal.com/ Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT last-modified Fri, 21 Jun 2024 09:51:46 GMT server nginx/1.18.0 etag "66754d32-3c61" access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * access-control-expose-headers * cache-control max-age=315360000 accept-ranges bytes access-control-allow-headers * content-length 15457 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	5bee4957-d90b-41fd-b96e-bb2e215e9f1b.jpg yeheuwrfh3.com/images/5b/ee/	20 KB 21 KB	131ms 131ms	Image image/jpeg	95.163.155.38 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yeheuwrfh3.com/images/5b/ee/5bee4957-d90b-41fd-b96e-bb2e215e9f1b.jpg Requested by Host: pad-brumal.com URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.163.155.38 , Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash 30dd503f17d14fcbdbe570bd09cb445d7ab407d21d5fa7a1244aca310f7d6696 Request headers Referer https://pad-brumal.com/ Origin https://pad-brumal.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:41 GMT last-modified Tue, 18 Jun 2024 10:30:39 GMT server nginx/1.18.0 etag "667161cf-51f3" access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * access-control-expose-headers * cache-control max-age=315360000 accept-ranges bytes access-control-allow-headers * content-length 20979 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H3	200	set-view Show response pad-brumal.com/api/	34 B 548 B	101ms 98ms	XHR application/json	172.67.190.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pad-brumal.com/api/set-view Requested by Host: pad-brumal.com URL: https://pad-brumal.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.e4bc14d4.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d11a7da52bb89f362ad17ee9f250103db4e4f1eba2e7ac362e04e0a0438fcc1 Request headers Accept application/json, text/plain, */* Referer https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Response headers date Sat, 27 Jul 2024 09:00:41 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NYNmLHA5o0QlAi1mJPpP0N4I7cb3hGHerDk%2FPlUYJwDbvRt9XCwNitZ%2BFpx10UXIUj34dFQ2Z8ptRGcB4hl7gxFukgP8AS6lBvKIY826I46CzdfIWvQG2GOl4oLrPVR5iw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8a9b70c929524d8a-FRA access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With alt-svc h3=":443"; ma=86400
GET H3	204	favicon.ico pad-brumal.com/	0 376 B	75ms 74ms	Other text/plain	172.67.190.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pad-brumal.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 27 Jul 2024 09:00:42 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 8a9b70cbdd784d8a-FRA alt-svc h3=":443"; ma=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pi0IOXxHUkJpr%2By3iBtCjAs%2BYT8QdcBexVY4MxBU3YyF3TJiLNI3tqWdHYQ3LPEjrloFGYpAt7a1XTCdEZi11jeqKRc39O4aoPN1g6rIwVAjjEdIFV7xBIQmtPnDN%2FFIOA%3D%3D"}],"group":"cf-nel","max_age":604800}
GET DATA	200 OK	truncated /	554 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1a22936b316f4b38ed4482fb564ae2d340006043e3edb29e2b33d06c9c873f80 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
POST H3	200	image-log Show response pad-brumal.com/api/	34 B 553 B	93ms 92ms	XHR application/json	172.67.190.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pad-brumal.com/api/image-log? Requested by Host: pad-brumal.com URL: https://pad-brumal.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.e4bc14d4.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d11a7da52bb89f362ad17ee9f250103db4e4f1eba2e7ac362e04e0a0438fcc1 Request headers Accept application/json, text/plain, */* Referer https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Response headers date Sat, 27 Jul 2024 09:00:42 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DaDVN4NXzQE616%2BDssXQNV1iMxt71NuLiWXKVZfJYjhsncPuUu%2BS7bC6SEM51ZP3u6kW%2Fnm05c3%2FE6L8RhxYfxdqIe1auZvZ%2FItmJFLqgLI2wlVSmxTJzkuQCIr3ZeCmVg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8a9b70ccff044d8a-FRA access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With alt-svc h3=":443"; ma=86400

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| config object| webpackJsonp string| uid object| scrollHistory object| vueApp object| teasersMediaLoadingSpeeds function| N7KFyTZTG6tKwC5JZ object| id41d8 object| KfCWDtcvoL object| U4hygn1S object| cJQpFvl object| CAAhYmw object| UONndiC0Dq object| HRxgw

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pad-brumal.com/	1970-01-20 22:22:37	Name: duid Value: news-195d36c0-2169-4390-a323-db2484299fc4
			mixer-antanaclasis.com/	1970-01-20 23:05:49	Name: cd Value: eyJzIjp7Im8iOiJMaW51eCIsIm92IjoiIiwiZGMiOjEsImIiOiJDaHJvbWUiLCJidiI6IjEyNiJ9LCJsIjp7InIiOiLQodC10LLQtdGA0L3Ri9C5INCg0LXQudC9LdCS0LXRgdGC0YTQsNC70LjRjyIsIm4iOjE3NDc3LCJpc3AiOiJMZWFzZXdlYiBHZXJtYW55In19
			mixer-antanaclasis.com/	1970-01-20 23:05:49	Name: cc Value: eyJ1aWlkIjoibmV3cy0xOTVkMzZjMC0yMTY5LTQzOTAtYTMyMy1kYjI0ODQyOTlmYzQiLCJkX29mZnNldCI6LTF9
			mixer-antanaclasis.com/	1970-01-20 23:05:49	Name: article Value: b5b46be0-edfc-44b0-9621-9596d1438e39
			pad-brumal.com/	1970-01-20 23:05:49	Name: templates_show_id Value: 111

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://offer24t.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://pad-brumal.com/preview/new?utm_campaign=56079&utm_content=b5b46be0-edfc-44b0-9621-9596d1438e39&utm_source=[SID]&utm_medium=11409&sid9=preview&uid=news-195d36c0-2169-4390-a323-db2484299fc4 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
mixer-antanaclasis.com
offer24t.ru
pad-brumal.com
wdhhsxghbr.com
yeheuwrfh3.com
116.202.32.31
172.67.190.68
2a00:1450:4001:810::200a
2a00:1450:4001:828::2003
2a03:6f00:1::5c35:60df
92.38.192.253
95.163.155.38
07169da9705d3db63debc5c34540e232dad37a0eac665a60fa0d5e02378af50c
08fa696a857ae2754dc2709051f77b2e39e50df593dc3a6219fa9a77061976d7
0e92782bdc06a7b6372bf70025871163e9e4a73e8e341bac5bee8163748a98bb
1a22936b316f4b38ed4482fb564ae2d340006043e3edb29e2b33d06c9c873f80
1e358dd0b318f849fbf75f307b86b113e560106f1b732f8f4403ff9930f17ec2
1f3a74b0a106da05e1131763ae6c31a48c6eca45064955a96caf2fa4e7e94819
21226ae8892fd9920a89d1c1b2a1f17a93b600e6d88d7427a878fdd964340e8d
2d26f360f99faa094e2bc1c601f46063bd24ff343dc2ab2bb7bb4ceef14fc005
30dd503f17d14fcbdbe570bd09cb445d7ab407d21d5fa7a1244aca310f7d6696
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3e438bbfa87b815091dded60ea6795ab5f94697ca39b2b5f2a09baedb923e9d7
410b78a79343da0227a2c2c6dcdf9eb2395a682332ab365d47224e3c6964a89e
5348690ef610ebb4da64cb60a93db6de9037063ef9707415420ca0716cb690d9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ace599a6f33964ff5fda31e091664db616492b6c1215a08871443ab646d9748
5d11a7da52bb89f362ad17ee9f250103db4e4f1eba2e7ac362e04e0a0438fcc1
61314a6442fbd3c56396d13d6c9540f0d7a290655973208a795030da07856615
6620a48adc329ca7f905787c3a14ef6da121b23280b4a9e1943ebcaf76db2be3
76975ba315befd03dd68246f65598f13854cda92700123dd8a0635fd3baf2b65
999d149f5bc8f8fd832af063386f6b6527c339218d1739e53e288a30fbe513bc
a26aac8d86d9b2d48985c9626cd869097159b629f64bcf51eab74aefd02c8fb8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b99f8a86af0ee5d9013c0b74a58a463f7c9ecb7028ffe4839571f8c0d21a4e48
c48c9ec3815747491721483525af7eea2741ed84700a9b43060c36543e04b190
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
dc884e1f240c53d41695db868964b037414afc9a7f346b3e4782dd31e57ddd7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71549f401944f52c49ddf711feaf7c17ba20d92a7df4441b78ebe73a3324362
f44cbdd6870924cf39f27ff12eb903a0ca9208e4817a9433d983bb23e6edc072
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615